Sunset - CIS PostgreSQL 10 DB v1.0.0

Audit Details

Name: Sunset - CIS PostgreSQL 10 DB v1.0.0

Updated: 6/17/2024

Authority: CIS

Plugin: Database

Revision: 1.11

File Details

Filename: CIS_PostgreSQL_10_v1.0.0_L1_DB.audit

Size: 128 kB

MD5: 67904c1b16ef68e98bcfbeb165dc5cfc

SHA256: 5907563bd764ad715c32f4b5ec3fb2e9f9fc2dacd14bf512fa3f89220dafcf98

Audit Changelog


Revision 1.11 Jun 17, 2024 Miscellaneous Metadata updated.
Revision 1.10 Jun 27, 2023 Miscellaneous Metadata updated.
Revision 1.9 Mar 7, 2023 Miscellaneous Metadata updated. References updated.
Revision 1.8 Jan 4, 2023 Miscellaneous Metadata updated. Variables updated.
Revision 1.7 Dec 7, 2022 Miscellaneous Metadata updated.
Revision 1.6 Apr 25, 2022 Miscellaneous References updated.
Revision 1.5 Mar 29, 2022 Miscellaneous Metadata updated. References updated.
Revision 1.4 Feb 28, 2022 Functional Update 3.1.7 Ensure 'log_truncate_on_rotation' is enabled 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installed Informational Update 3.1.10 Ensure the correct syslog facility is selected 3.1.11 Ensure the program name for PostgreSQL syslog messages is correct 3.1.12 Ensure the correct messages are written to the server log 3.1.13 Ensure the correct SQL statements generating errors are recorded 3.1.14 Ensure 'debug_print_parse' is disabled 3.1.15 Ensure 'debug_print_rewritten' is disabled 3.1.16 Ensure 'debug_print_plan' is disabled 3.1.17 Ensure 'debug_pretty_print' is enabled 3.1.18 Ensure 'log_connections' is enabled 3.1.19 Ensure 'log_disconnections' is enabled 3.1.2 Ensure the log destinations are set correctly 3.1.20 Ensure 'log_error_verbosity' is set correctly 3.1.21 Ensure 'log_hostname' is set correctly 3.1.22 Ensure 'log_line_prefix' is set correctly 3.1.23 Ensure 'log_statement' is set correctly 3.1.24 Ensure 'log_timezone' is set correctly 3.1.3 Ensure the logging collector is enabled 3.1.4 Ensure the log file destination directory is set correctly 3.1.5 Ensure the filename pattern for log files is set correctly 3.1.6 Ensure the log file permissions are set correctly 3.1.7 Ensure 'log_truncate_on_rotation' is enabled 3.1.8 Ensure the maximum log file lifetime is set correctly 3.1.9 Ensure the maximum log file size is set correctly 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - audit.log 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installed 4.2 Ensure excessive administrative privileges are revoked 4.4 Ensure excessive DML privileges are revoked 4.5 Use pg_permission extension to audit object permissions 4.6 Ensure Row Level Security (RLS) is configured correctly 4.7 Ensure the set_user extension is installed 4.8 Make use of default roles 6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured 6.2 Ensure 'backend' runtime parameters are configured correctly 6.3 Ensure 'Postmaster' Runtime Parameters are Configured 6.4 Ensure 'SIGHUP' Runtime Parameters are Configured 6.5 Ensure 'Superuser' Runtime Parameters are Configured 6.6 Ensure 'User' Runtime Parameters are Configured 6.8 Ensure SSL is enabled and configured correctly 6.9 Ensure the pgcrypto extension is installed and configured correctly 7.1 Ensure a replication-only user is created and used for streaming replication 7.2 Ensure base backups are configured and functional 7.4 Ensure streaming replication parameters are configured correctly 8.1 Ensure PostgreSQL configuration files are outside the data cluster 8.2 Ensure PostgreSQL subdirectory locations are outside the data cluster 8.4 Ensure miscellaneous configuration settings are correct Miscellaneous Metadata updated. Platform check updated. References updated. Variables updated. Added CIS_PostgreSQL_10_v1.0.0_L1_DB.audit from CIS PostgreSQL 10 Benchmark v1.0.0
Revision 1.3 Jun 17, 2021 Miscellaneous Metadata updated. References updated.
Revision 1.2 Sep 29, 2020 Miscellaneous References updated.

Detections

Analytics

Sunset - CIS PostgreSQL 10 DB v1.0.0

Audit Details

File Details

Audit Changelog

Revision 1.11

Miscellaneous

Revision 1.10

Miscellaneous

Revision 1.9

Miscellaneous

Revision 1.8

Miscellaneous

Revision 1.7

Miscellaneous

Revision 1.6

Miscellaneous

Revision 1.5

Miscellaneous

Revision 1.4

Functional Update

Informational Update

Miscellaneous

Added

Revision 1.3

Miscellaneous

Revision 1.2

Miscellaneous

Detections

Analytics

Sunset - CIS PostgreSQL 10 DB v1.0.0 Download File

Audit Details

File Details

Audit Changelog

Miscellaneous

Miscellaneous

Miscellaneous

Miscellaneous

Miscellaneous

Miscellaneous

Miscellaneous

Functional Update

Informational Update

Miscellaneous

Added

Miscellaneous

Miscellaneous

Sunset - CIS PostgreSQL 10 DB v1.0.0