Documentation - V-251190

Title

Redis Enterprise DBMS must provide audit record generation capability for DoD-defined auditable events within all DBMS/database components.

Description

<VulnDiscussion>Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. Audit records can be generated from various components within the DBMS (e.g., process, module). Certain specific application functionalities may be audited as well. The list of audited events is the set of events for which audits are to be generated. This set of events is typically a subset of ...

Fix Text (Documentation Requirement)

Logging verbosity on Redis Enterprise can be changed for error messages and debugging purposes. Auditing and logging levels for user actions on the control plane does not change and cannot be configured. Configure the verbosity to the organizationally defined level: 1. Enter the relevant node and run the following commands (run on each desired node): - ccs-cli hset dmc:<node_id> log_level <log_level> - ccs-cli hset dmc:<node_id> mgmt_log_level <log_level> 2. Reconfigure the DMC: rlutil dmc_reconf dmc=<node_id> 3. Set a specific log level in the DMC for a given DB: - ccs-cli hset bdb:<db_id> log_level <log_level> - rlutil dmc_reconf bdb=<db_id> Logging levels include: 1. Debug (DBG) - at this level, anything goes, to include whatever a developer finds useful for debugging. This lev...