3.1.5 Ensure the filename pattern for log files is set correctly

Information

The log_filename setting specifies the filename pattern for log files. The value for log_filename should match your organization's logging policy.
The value is treated as a strftime pattern, so %-escapes can be used to specify time-varying filenames. The supported %-escapes are similar to those listed in the Open Group's strftime specification. If you specify a filename without escapes, you should plan to use a log rotation utility to avoid eventually filling the partition that contains log_directory. If there are any time-zone-dependent %-escapes, the computation is done in the zone specified by log_timezone. Also, the system's strftime is not used directly, so platform-specific (nonstandard) extensions do not work.
If CSV-format output is enabled in log_destination, .csv will be appended to the log filename. (If log_filename ends in .log, the suffix is replaced instead.)

Rationale:

If log_filename is not set, then the value of log_directory is appended to an empty string and PostgreSQL will fail to start as it will try to write to a directory instead of a file.

Solution

Execute the following SQL statement(s) to remediate this setting:

postgres=# alter system set log_filename='postgresql-%Y%m%d.log';
ALTER SYSTEM
postgres=# select pg_reload_conf();
pg_reload_conf
----------------
t
(1 row)
postgres=# show log_filename;
log_filename
-------------------
postgresql-%Y%m%d.log
(1 row)

Note: In this example, a new logfile will be created for each day (e.g. postgresql-20180901.log)

Default Value:

The default is postgresql-%a.log, which creates a new logfile for each day of the week (e.g. postgresql-Mon.log, postgresql-Tue.log).

See Also

https://workbench.cisecurity.org/files/2407

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-3, 800-53|AU-12, CSCv6|6.2, CSCv7|6.2, CSCv7|6.3

Plugin: PostgreSQLDB

Control ID: 158e9962036ddf379a892d3d3af2357d4bf7cfa9c22f3219201aa636b2897918