Description

Enable log_checkpoints on PostgreSQL flexible servers.

Rationale

Enabling log_checkpoints helps the PostgreSQL Database to Log each checkpoint, which in turn generates query and error logs. However, access to transaction logs is not supported. Query and error logs can be used to identify, troubleshoot, and repair configuration errors and sub-optimal performance.

Audit

From Azure Portal

From Azure Home select the Portal Menu.
Go to Azure Database for PostgreSQL flexible servers.
For each database, under Settings, click Server parameters.
In the filter bar, type log_checkpoints.
Ensure that the VALUE for log_checkpoints is set to ON.

From Azure CLI

Ensure the below command returns a value of on:

az postgres flexible-server parameter show --resource-group <resourceGroup> --server-name <serverName> --name log_checkpoints

From PowerShell

Ensure the below command returns a value of on:

Get-AzPostgreSqlFlexibleServerConfiguration -ResourceGroupName <resourceGroup> -ServerName <serverName> -Name log_checkpoints

From Azure Policy

If referencing a digital copy of this Benchmark, clicking a Policy ID will open a link to the associated Policy definition in Azure.

Policy ID: 70be9e12-c935-49ac-9bd8-fd64b85c1f87 - Name: Log checkpoints should be enabled for PostgreSQL flexible servers

Default Value

By default log_checkpoints is enabled (set to on).

Rationale​

Audit​

From Azure Portal​

From Azure CLI​

From PowerShell​

From Azure Policy​

Default Value​

References​