Skip to content

Latest commit

 

History

History
26 lines (21 loc) · 2.16 KB

log-duration-enabled.md

File metadata and controls

26 lines (21 loc) · 2.16 KB

CloudSploit

AZURE / PostgreSQL Server / Log Duration Enabled

Quick Info

Plugin Title Log Duration Enabled
Cloud AZURE
Category PostgreSQL Server
Description Ensures connection duration logs are enabled for PostgreSQL servers
More Info Connection duration logs log duration times of connections to the server and can be used to locate suspicious long-running connections.
AZURE Link https://docs.microsoft.com/en-us/azure/postgresql/howto-configure-server-parameters-using-portal
Recommended Action Ensure the server parameters for each PostgreSQL server have the log_duration setting enabled.

Detailed Remediation Steps

  1. Log in to the Microsoft Azure Management Console.
  2. Select the "Search resources, services, and docs" option at the top and search for PostgreSQL.
  3. On the "Azure Database for PostgreSQL servers" page, select the database by clicking on the "Name" as a link that needs to be examined.
  4. Scroll down the left navigation panel and choose "Server parameters" under "Settings."
  5. On the "Server parameters" page, search for "log_duration" paramter using the "Search for filter item search box." If the value is set to "OFF" then the "log-duration" is not enabled for PostgreSQL servers. This is against Azure best practices.
  6. To enable "log_duration" select "ON" from the toggle configuration button.
  7. Click on the "Save" button at the top to make the changes.
  8. Repeat step number 3 - 7 to ensure the server parameters for each PostgreSQL server have the log_duration setting enabled.