7.1.4 Ensure Audit is Enabled Within the Instance

Information

Auditing is crucial for securing and discovering issues within your databases.

Auditing can help trigger events for changes to data objects, table DML, and user access.

Rationale:

If instance auditing is not enabled, issues may go undiscovered, and compromises and other incidents may occur without being quickly detected. It may also not be possible to provide evidence of compliance with security laws, regulations, and other requirements.

Solution

Issue the following command to activate instance level auditing:

$ db2audit start

See Also

https://workbench.cisecurity.org/benchmarks/10752

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-2, 800-53|AU-7, 800-53|AU-12, CSCv7|6.2

Plugin: Unix

Control ID: 342980f9182413fe16e453047928dcc4e077acaf8fee53f73ffef6cbf27b9b78