Benchmark: Content of Audit Records (AU-3)
Description
The information system generates audit records containing information that establishes what type of event occurred, when the event occurred, where the event occurred, the source of the event, the outcome of the event, and the identity of any individuals or subjects associated with the event.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-gcp-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select Content of Audit Records (AU-3).
Run this benchmark in your terminal:
powerpipe benchmark run gcp_compliance.benchmark.nist_800_53_rev_5_au_3
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run gcp_compliance.benchmark.nist_800_53_rev_5_au_3 --share
Controls
- Ensure 'log_error_verbosity' database flag for Alloy DB instance is set to 'DEFAULT' or stricter
- Ensure 'log_min_error_statement' database flag for Alloy DB instance is set to 'Error' or stricter
- Ensure that the 'Log_min_messages' Flag for a Alloy DB Instance is set at minimum to 'Warning'
- Ensure that Cloud DNS logging is enabled for all VPC networks
- Ensure that the 'log_connections' database flag for Cloud SQL PostgreSQL instance is set to 'on'
- Ensure that the 'log_disconnections' database flag for Cloud SQL PostgreSQL instance is set to 'on'
- Ensure 'log_error_verbosity' database flag for Cloud SQL PostgreSQL instance is set to 'DEFAULT' or stricter
- Ensure that the 'log_min_duration_statement' database flag for Cloud SQL PostgreSQL instance is set to '-1' (disabled)
- Ensure 'log_min_error_statement' database flag for Cloud SQL PostgreSQL instance is set to 'Error' or stricter
- Ensure that the 'Log_min_messages' Flag for a Cloud SQL PostgreSQL Instance is set at minimum to 'Warning'
- Ensure 'log_statement' database flag for Cloud SQL PostgreSQL instance is set appropriately