Thread: Ensure 'User' Runtime Parameters are Configured
Hi All,
There is a requirement to monitor run time parameters and revert back changes (As per CIS Benchmark report). Requirement is to monitor user session parameter changes. How to achieve this? Any guidance is appreciated
Complete remediation given by CIS benchmark is as follows:
In the matter of a user session, the login sessions must be validated that it is not executing
undesired parameter changes. In the matter of attributes that have been changed in
entities, they must be manually reverted to its default value(s).
undesired parameter changes. In the matter of attributes that have been changed in
entities, they must be manually reverted to its default value(s).
Regards,
Pramod
Hi,
There is not a predefined method to achieve this but you can get your desired output by implementing the following logics:
There is not a predefined method to achieve this but you can get your desired output by implementing the following logics:
- Enable Detailed Logging by setting the following parameters in postgresql.conf file:
logging_collector = on
log_statement = 'all'
log_duration = on - Implement Auditing with
pgaudit Restrict PrivilegesAutomated Reversion:
Schedule a job that compares current settings withdefault_parametersand reverts any discrepancies.
On Mon, 7 Oct 2024 at 13:33, pramod kg <pramod11287@gmail.com> wrote:
Hi All,There is a requirement to monitor run time parameters and revert back changes (As per CIS Benchmark report). Requirement is to monitor user session parameter changes. How to achieve this? Any guidance is appreciatedComplete remediation given by CIS benchmark is as follows:In the matter of a user session, the login sessions must be validated that it is not executing
undesired parameter changes. In the matter of attributes that have been changed in
entities, they must be manually reverted to its default value(s).Regards,Pramod