The DBMS must initiate session auditing upon startup.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-206527	SRG-APP-000092	SRG-APP-000092-DB-000208	SV-206527r960888_rule	2024-12-04	4

Description
Session auditing is for use when a user's activities are under investigation. To be sure of capturing all activity during those periods when session auditing is in use, it needs to be in operation for the whole time the DBMS is running.

ℹ️ Check
Review DBMS vendor documentation to determine whether the DBMS software is capable of session auditing. If the DBMS is not capable of session auditing and a third party product is not being used for session level auditing, this is a finding. If the DBMS is capable of session level auditing and specific session audits are currently defined but session auditing is not enabled; or if a third-party product is available for session auditing and specific session audits are currently defined but session auditing is not enabled, this is a finding.

ℹ️ Check

Review DBMS vendor documentation to determine whether the DBMS software is capable of session auditing. If the DBMS is not capable of session auditing and a third party product is not being used for session level auditing, this is a finding. If the DBMS is capable of session level auditing and specific session audits are currently defined but session auditing is not enabled; or if a third-party product is available for session auditing and specific session audits are currently defined but session auditing is not enabled, this is a finding.

✔️ Fix
Deploy a DBMS capable of session auditing. Configure the DBMS software or third-party product to enable session auditing.