Products

Solutions

Company

Book A Live Demo

Rule: Database logging should be enabled

This rule requires enabling database logging for improved security measures.

Rule	Database logging should be enabled
Framework	FedRAMP Low Revision 4
Severity	✔ Low

Database Logging Rule - FedRAMP Low Revision 4

Description:

The Database Logging rule for FedRAMP Low Revision 4 requires the enabling of database logging for additional security and compliance measures. This rule helps to monitor and record activities within the database environment, providing an audit trail and enhancing the overall security posture.

Troubleshooting Steps:

1.
Verify the current state of logging: Check if database logging is already enabled or disabled. If already enabled, proceed with the configuration checks. If disabled, enable it according to the provided steps.

2.
Review database and system documentation: Understand the logging capabilities and requirements for the specific database technology in use.

3.
Check database configuration: Ensure that the necessary permissions and configurations are in place for enabling database logging.

4.
Review database error logs: Check for any error messages or warnings related to logging configuration. Address any issues found.

Necessary Codes:

No specific codes are required for this rule. The configuration settings will depend on the database technology in use.

Step-by-Step Guide for Remediation:

1. Identify the Database Technology:

Determine the type of database (e.g., MySQL, PostgreSQL, Oracle, SQL Server) being used. Each database technology may have specific procedures for enabling logging.

2. Enable Database Logging:

Follow the appropriate steps based on the database technology:

For MySQL:

1.
Open the MySQL configuration file (usually located at
```
/etc/my.cnf
```
or
```
/etc/mysql/my.cnf
```
).

2.
Locate the
```
[mysqld]
```
section.

3.
Add or modify the following line:
```
general_log = 1
```
.

4.
Save the file and restart the MySQL service.

For PostgreSQL:

1.
Open the PostgreSQL configuration file (usually located at
```
/var/lib/pgsql/VERSION_NUMBER/data/postgresql.conf
```
).

2.
Locate the
```
logging_collector
```
parameter and set it to
```
on
```
.

3.
Save the file and restart the PostgreSQL service.

For Oracle:

1.
Connect to the Oracle database as a privileged user.

Execute the following SQL command to enable logging:

ALTER SYSTEM SET audit_trail=db, extended SCOPE=spfile;

3.
Restart the Oracle service for the changes to take effect.

For SQL Server:

1.
Connect to the SQL Server instance using SQL Server Management Studio (SSMS).

2.
Expand the "Management" node, right-click on "SQL Server Logs," and select "Configure".

3.
In the "Configure SQL Server Error Logs" dialog, select the desired options for logging, such as the retention period and the maximum log size.

4.
Click "OK" to save the changes.

3. Verify Logging Status:

After enabling database logging, perform the following verification steps:

For MySQL:

1.
Connect to the MySQL database using a client (e.g., MySQL Workbench, command-line interface).

2.
Execute the following SQL command:
```
SHOW VARIABLES LIKE '%general_log%';
```
.

3.
Check if the value of the
```
general_log
```
variable is set to
```
ON
```
.

For PostgreSQL:

1.
Connect to the PostgreSQL database using a client (e.g., pgAdmin, psql command-line).

Run the following SQL query:

SELECT * FROM pg_settings WHERE name = 'logging_collector';

3.
Verify that the value of the
```
logging_collector
```
parameter is
```
on
```
.

For Oracle:

1.
Connect to the Oracle database as a privileged user.

Execute the following SQL command:

SELECT VALUE FROM V$PARAMETER WHERE NAME = 'audit_trail';

3.
Ensure that the output is
```
DB
```
.

For SQL Server:

1.
In SSMS, expand the "Management" node, right-click on "SQL Server Logs," and select "View SQL Server Log."

2.
Review the log entries to verify that logging is active and no errors are reported.

Conclusion:

Enabling database logging is crucial for maintaining compliance with the FedRAMP Low Revision 4 requirements. Follow the specific steps provided for the appropriate database technology to ensure that logging is properly enabled and functioning. Regularly review the logs to detect and investigate any suspicious activities for enhanced security.

Rule: Database logging should be enabled

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Description:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Troubleshooting Steps:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Necessary Codes:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Step-by-Step Guide for Remediation:

.css-1ekaeh4{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:22px;font-weight:700;margin-top:1rem;margin-bottom:0rem;}1. Identify the Database Technology:

.css-1ekaeh4{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:22px;font-weight:700;margin-top:1rem;margin-bottom:0rem;}2. Enable Database Logging:

.css-1ekaeh4{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:22px;font-weight:700;margin-top:1rem;margin-bottom:0rem;}3. Verify Logging Status:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Conclusion:

Is your System Free of Underlying Vulnerabilities? Find Out Now