| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-206642 | CAT II | MONT-DB-002 | Database Security Requirements Guide | The DBMS must off-load audit data to a separate lo... | - | |||
Check TextReview the system documentation for a description of how audit records are off-loaded. If the DBMS has a continuous network connection to the centralized log management system, but the DBMS audit records are not written directly to the centralized log management system or transferred in near-real-time, this is a finding. If the DBMS does not have a continuous network connection to the centralized log management system, and the DBMS audit records are not transferred to the centralized log management system weekly or more often, this is a finding. Fix TextConfigure the DBMS or deploy and configure software tools to transfer audit records to a centralized log management system, continuously and in near-real time where a continuous network connection to the log management system exists, or at least weekly in the absence of such a connection. CommentsAn Audit log is generated in directory E:\IBSDatabaseAuditFiles\Logs\ShipCLIP. An Event runs once a day at 0002 to generate a new audit log, securely package old audit log, and stage secure package in directory ESTA Root\LESAudit\ShipCLIP\To_Shore for transmission to shore and subsequent processing into the centrally managed OpenSearch repository.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||