Ensure database logging is enabled to enhance security measures.
Rule | Database logging should be enabled |
Framework | Federal Financial Institutions Examination Council (FFIEC) |
Severity | ✔ Low |
Rule Name: Enable Database Logging for FFIEC
Description:
Database logging should be enabled for Federal Financial Institutions Examination Council (FFIEC) in order to ensure compliance with regulatory requirements and to maintain a secure record of all activities related to financial transactions and sensitive customer information.
Policy Statement:
It is mandatory to enable database logging for FFIEC to comply with regulatory standards and ensure the security and integrity of financial data.
Troubleshooting Steps:
If database logging is not enabled for FFIEC, follow the steps below to troubleshoot and rectify the issue:
Code Examples (if applicable):
As database logging configurations vary based on the database management system in use, the code examples are specific to each system. Here are a few examples related to commonly used database platforms:
To enable general query logging in MySQL, add the following line to the MySQL configuration file (my.cnf):
general_log = 1
Restart the MySQL service for the changes to take effect.
To enable logging in PostgreSQL, edit the PostgreSQL configuration file (postgresql.conf) and set the following parameters:
logging_collector = on log_directory = 'pg_log' log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' log_statement = 'all'
Save the changes and restart the PostgreSQL service.
To enable database auditing in Oracle Database, execute the following SQL command as a privileged user:
AUDIT ALL BY SYSTEM;
This command audits all actions performed by the SYSTEM user.
Remediation Steps:
Use the following step-by-step guide to enable database logging for FFIEC:
Note: The exact commands and steps may vary depending on the specific database management system in use. Refer to the documentation provided by your database management system vendor for detailed instructions.