Documentation - V-235173

V-235173

Oracle MySQL 8.0 Security Technical Implementation Guide

CAT II

Title

The MySQL Database Server 8.0 must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.

Description

<VulnDiscussion>To ensure sufficient storage capacity for the audit logs, the Database Management System (DBMS) must be able to allocate audit record storage capacity. Although another requirement (SRG-APP-000515-DB-000318) mandates that audit data be off-loaded to a centralized log management system, it remains necessary to provide space on the database server to serve as a buffer against outages and capacity limits of the off-loading mechanism. The task of allocating audit record storage capa...

Fix Text (Documentation Requirement)

Review the MySQL Audit file location, ensure the destination has enough space available to accommodate the maximum total size of all files that could be written. Use a script or third-party tool to manage the maximum number of audit log files that are to be stored, staying within the number of logs the system was sized to support. Use compression and JSON format to reduce file growth. Update the location for audit_log_file in the MySQL configuration file, for example: [mysqld] audit-log-file=/var/log/mysql/audit.log audit-log-format=JSON audit-log-compression=GZIP

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel