Jun 17, 2024 |
Jun 27, 2023 |
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Jan 4, 2023 Miscellaneous- Metadata updated.
- Variables updated.
|
Dec 7, 2022 |
Apr 25, 2022 |
Mar 29, 2022 Miscellaneous- Metadata updated.
- References updated.
|
Feb 28, 2022 Functional Update- 3.1.7 Ensure 'log_truncate_on_rotation' is enabled
- 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installed
Informational Update- 3.1.10 Ensure the correct syslog facility is selected
- 3.1.11 Ensure the program name for PostgreSQL syslog messages is correct
- 3.1.12 Ensure the correct messages are written to the server log
- 3.1.13 Ensure the correct SQL statements generating errors are recorded
- 3.1.14 Ensure 'debug_print_parse' is disabled
- 3.1.15 Ensure 'debug_print_rewritten' is disabled
- 3.1.16 Ensure 'debug_print_plan' is disabled
- 3.1.17 Ensure 'debug_pretty_print' is enabled
- 3.1.18 Ensure 'log_connections' is enabled
- 3.1.19 Ensure 'log_disconnections' is enabled
- 3.1.2 Ensure the log destinations are set correctly
- 3.1.20 Ensure 'log_error_verbosity' is set correctly
- 3.1.21 Ensure 'log_hostname' is set correctly
- 3.1.22 Ensure 'log_line_prefix' is set correctly
- 3.1.23 Ensure 'log_statement' is set correctly
- 3.1.24 Ensure 'log_timezone' is set correctly
- 3.1.3 Ensure the logging collector is enabled
- 3.1.4 Ensure the log file destination directory is set correctly
- 3.1.5 Ensure the filename pattern for log files is set correctly
- 3.1.6 Ensure the log file permissions are set correctly
- 3.1.7 Ensure 'log_truncate_on_rotation' is enabled
- 3.1.8 Ensure the maximum log file lifetime is set correctly
- 3.1.9 Ensure the maximum log file size is set correctly
- 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - audit.log
- 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installed
- 4.2 Ensure excessive administrative privileges are revoked
- 4.4 Ensure excessive DML privileges are revoked
- 4.5 Use pg_permission extension to audit object permissions
- 4.6 Ensure Row Level Security (RLS) is configured correctly
- 4.7 Ensure the set_user extension is installed
- 4.8 Make use of default roles
- 6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured
- 6.2 Ensure 'backend' runtime parameters are configured correctly
- 6.3 Ensure 'Postmaster' Runtime Parameters are Configured
- 6.4 Ensure 'SIGHUP' Runtime Parameters are Configured
- 6.5 Ensure 'Superuser' Runtime Parameters are Configured
- 6.6 Ensure 'User' Runtime Parameters are Configured
- 6.8 Ensure SSL is enabled and configured correctly
- 6.9 Ensure the pgcrypto extension is installed and configured correctly
- 7.1 Ensure a replication-only user is created and used for streaming replication
- 7.2 Ensure base backups are configured and functional
- 7.4 Ensure streaming replication parameters are configured correctly
- 8.1 Ensure PostgreSQL configuration files are outside the data cluster
- 8.2 Ensure PostgreSQL subdirectory locations are outside the data cluster
- 8.4 Ensure miscellaneous configuration settings are correct
Miscellaneous- Metadata updated.
- Platform check updated.
- References updated.
- Variables updated.
Added- CIS_PostgreSQL_10_v1.0.0_L1_DB.audit from CIS PostgreSQL 10 Benchmark v1.0.0
|
Jun 17, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Sep 29, 2020 |