Database logging should be enabled

Ensure database logging is turned on to meet compliance standards

Rule: Database logging should be enabled
Framework: NIST 800-171 Revision 2
Severity: Low

Database Logging for NIST 800-171 Revision 2

Description

Enabling database logging is a crucial security measure to ensure compliance with the National Institute of Standards and Technology (NIST) Special Publication 800-171 Revision 2. This requirement is specifically focused on protecting sensitive information stored in databases by maintaining an audit trail of activities and changes.

By enabling database logging, organizations can track and monitor any unauthorized access attempts, modifications, or deletions to the critical data stored within their databases. This helps in identifying potential security incidents, detecting anomalies, and facilitating timely incident response.

Troubleshooting Steps

Several issues can come up while enabling database logging for NIST 800-171 Revision 2. Common troubleshooting steps are listed below:

  1. Permission Issues: Ensure that the account used to enable database logging has the necessary permissions to modify the logging settings. Access control and appropriate privileges need to be granted to the user.
  2. Compatibility: Verify that the database version and the logging solution are compatible. Ensure that the selected logging solution supports the specific database management system (DBMS) version being used.
  3. Disk Space: Verify that there is sufficient disk space available to store the logs. Insufficient disk space can prevent the effective logging of activities.
  4. Log File Size: Ensure that log files do not exceed the predefined size limit. This can be achieved by configuring log rotation or archiving mechanisms.
  5. Configuration Validation: Validate the logging configuration settings against the database logging documentation and ensure that the required parameters and settings are correctly entered.

Necessary Codes

The specific commands required for enabling database logging vary depending on the database management system being used. Below are examples for common databases:

Microsoft SQL Server

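-- Create a server-level audit that writes audit records to files in a directory.
USE master;
GO
CREATE SERVER AUDIT [<audit_name>]
    TO FILE (FILEPATH = '<audit_file_directory>');
GO
-- Audits are created disabled; turn the audit on.
ALTER SERVER AUDIT [<audit_name>] WITH (STATE = ON);
GO
-- In the target database, record object access (SELECT/INSERT/UPDATE/DELETE)
-- and changes to database objects.
USE <database_name>;
GO
CREATE DATABASE AUDIT SPECIFICATION [<audit_specification_name>]
    FOR SERVER AUDIT [<audit_name>]
    ADD (SCHEMA_OBJECT_ACCESS_GROUP),
    ADD (DATABASE_OBJECT_CHANGE_GROUP)
    WITH (STATE = ON);
GO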

Oracle Database

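-- Supplemental logging writes additional column data to the redo log.
ALTER DATABASE <database_name> ADD SUPPLEMENTAL LOG DATA (PRIMARY KEY) COLUMNS;
ALTER DATABASE <database_name> ADD SUPPLEMENTAL LOG DATA (FOREIGN KEY) COLUMNS;
ALTER DATABASE <database_name> ADD SUPPLEMENTAL LOG DATA (ALL) COLUMNS;
-- SCOPE=SPFILE: the audit trail setting takes effect after the instance is restarted.
ALTER SYSTEM SET AUDIT_TRAIL='<audit_trail_setting>' SCOPE=SPFILE;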

MySQL

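-- Record every client statement in the general query log.
SET GLOBAL general_log = 'ON';
-- Write log entries to the mysql.general_log and mysql.slow_log tables.
SET GLOBAL log_output = 'TABLE';
-- Record statements that run longer than long_query_time seconds.
SET GLOBAL slow_query_log = 'ON';
SET GLOBAL long_query_time = <time_in_seconds>;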

These are just a few examples, and the actual commands might differ based on the specific DBMS version and the logging solution being used.

Step-by-Step Guide for Remediation

  1. Identify the Database Management System (DBMS) being used in your environment (e.g., Microsoft SQL Server, Oracle, MySQL).
  2. Refer to the documentation for your specific DBMS to understand the recommended logging settings and parameters required for enabling database logging.
  3. Determine the appropriate database(s) that require logging based on the sensitivity of the data they store.
  4. Use the necessary codes provided earlier for your specific DBMS to enable database logging.
  5. Validate the logging configuration and ensure that the required logging is taking place.
  6. Monitor the log files regularly to detect any anomalies or security incidents.
  7. Perform periodic reviews of the logs to ensure compliance with NIST 800-171 Revision 2 requirements.
  8. In case of any issues or troubleshooting needs, follow the steps mentioned in the "Troubleshooting Steps" section above.
  9. Continuously update and refine the logging configuration based on evolving security requirements and best practices.
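
One way to carry out the validation in step 5 for the MySQL settings listed earlier, as an added example that is not CloudDefense's own code. It reads the tab-separated output of `mysql --batch --skip-column-names -e "SHOW GLOBAL VARIABLES"`; the function names, the `max_long_query_time` threshold and the sample inputs are assumptions made for illustration.

```python
# Added example: checks MySQL logging variables against the settings shown on this page.
REQUIRED_ON = ("general_log", "slow_query_log")


def parse_variables(tsv):
    """Return {name: value} from tab-separated name/value lines; blank lines are skipped."""
    variables = {}
    for line in tsv.splitlines():
        if not line.strip():
            continue
        name, _, value = line.partition("\t")
        variables[name.strip().lower()] = value.strip()
    return variables


def audit_mysql_logging(tsv, max_long_query_time=10.0):
    """Return a list of findings; an empty list means every check passed.

    max_long_query_time is an assumed site threshold, not a value from NIST 800-171.
    """
    v = parse_variables(tsv)
    findings = []
    for name in REQUIRED_ON:
        if v.get(name, "").upper() != "ON":
            findings.append(f"{name} is {v.get(name, 'missing')!r}, expected 'ON'")
    # log_output is a comma-separated list; NONE overrides every other destination,
    # so general_log=ON combined with log_output=NONE records nothing.
    outputs = {o.strip().upper() for o in v.get("log_output", "").split(",") if o.strip()}
    if not outputs or "NONE" in outputs:
        findings.append(f"log_output is {v.get('log_output', 'missing')!r}: no log destination")
    try:
        if float(v["long_query_time"]) > max_long_query_time:
            findings.append(
                f"long_query_time {v['long_query_time']}s exceeds {max_long_query_time}s")
    except (KeyError, ValueError):
        findings.append("long_query_time is missing or not numeric")
    return findings


# Constructed sample inputs (not captured from a real server).
GOOD = "general_log\tON\nlog_output\tTABLE\nslow_query_log\tON\nlong_query_time\t2.000000\n"
SILENT = "general_log\tON\nlog_output\tNONE\nslow_query_log\tOFF\nlong_query_time\t2.000000\n"

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("silent", SILENT)):
        print(label, audit_mysql_logging(sample) or "OK")
```

The `SILENT` sample shows the case a quick look at `general_log` alone would miss: the log is switched on but has no destination.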

Note: It is recommended to consult with a database administrator or security expert familiar with your specific DBMS for accurate implementation of database logging as per NIST 800-171 Revision 2 requirements.
