3.1.5 Ensure the filename pattern for log files is set correctly

Information

The log_filename setting specifies the filename pattern for log files. The value for log_filename should match your organization's logging policy.

The value is treated as a strftime pattern, so %-escapes can be used to specify time-varying file names. The supported %-escapes are similar to those listed in the Open Group's strftime specification. If you specify a file name without escapes, you should plan to use a log rotation utility to avoid eventually filling the partition that contains log_directory. If there are any time-zone-dependent %-escapes, the computation is done in the zone specified by log_timezone. Also, the system's strftime is not used directly, so platform-specific (nonstandard) extensions do not work.

If CSV-format output is enabled in log_destination, .csv will be appended to the log filename. (If log_filename ends in .log, the suffix is replaced instead.)

Rationale:

If log_filename is not set, then the value of log_directory is appended to an empty string and PostgreSQL will fail to start as it will try to write to a directory instead of a file.

Solution

Execute the following SQL statement(s) to remediate this setting:

postgres=# alter system set log_filename='postgresql-%Y%m%d.log';
ALTER SYSTEM
postgres=# select pg_reload_conf();
pg_reload_conf
----------------
t
(1 row)
postgres=# show log_filename;
log_filename
-------------------
postgresql-%Y%m%d.log
(1 row)

Note: In this example, a new log file will be created for each day (e.g. postgresql-20200804.log)

Default Value:

The default is postgresql-%a.log, which creates a new log file for each day of the week (e.g. postgresql-Mon.log, postgresql-Tue.log).

See Also

https://workbench.cisecurity.org/benchmarks/17003

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-2, 800-53|AU-3, 800-53|AU-3(1), 800-53|AU-7, 800-53|AU-12, CSCv7|6.2, CSCv7|6.3

Plugin: PostgreSQLDB

Control ID: f416c857d5e030e3220e3b26cb1f074a47fb20e810cef1fd5d8103ed357ed3d2