PostgreSQL instance with 'log_connections' flag disabled

Logging and monitoring

PostgreSQL instance with ‘log_connections’ flag disabled

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
CPRA
Data Security Posture Management (DSPM) Best Practices
GCP CIS
GDPR
hdh
HITRUST
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

PostgreSQL does not log attempted connections by default. Enabling the 'log_connections' setting will create log entries for each attempted connection as well as successful completion of client authentication which can be useful in troubleshooting issues and to determine any unusual connection attempts to the server.

Recommended Mitigation

Add the following database flag: 'log_connections=on'.

PostgreSQL instance with ‘log_connections’ flag disabled

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS