🛡️ Azure PostgreSQL Single Server log_connections Parameter is not set to ON🟢

Contextual name: 🛡️ Single Server log_connections Parameter is not set to ON🟢
ID: /ce/ca/azure/postgresql-database/single-server-log-connections-parameter
Tags:
- 🟢 Policy with categories
- 🟢 Policy with type
- 🟢 Production policy
Policy Type: COMPLIANCE_POLICY
Policy Categories: SECURITY, RELIABILITY, PERFORMANCE

Stats

not available

Logic

🧠 prod.logic.yaml🟢
- 📗 Azure PostgreSQL Server
- 🔌 Azure PostgreSQL Server - object.extracts.yaml
- 🧪 test-data.json

Similar Policies

Cloud Conformity: Enable 'LOG_CONNECTIONS' Parameter for PostgreSQL Servers
Internal: dec-x-1518c16e

Similar Internal Rules

Rule	Policies	Flags
✉️ dec-x-1518c16e	1

Description

Open File

Description

Enable log_connections on PostgreSQL Single Servers.

NOTE: This recommendation currently only applies to Single Server, not Flexible Server. See additional information below for details about the planned retirement of Azure PostgreSQL Single Server.

Rationale

Enabling log_connections helps PostgreSQL log attempted connections to the server, as well as successful client authentication. Log data can be used to identify, troubleshoot, and repair configuration errors and suboptimal performance.

Audit

From Azure Portal

Log in to Azure Portal using https://portal.azure.com.

Go to Azure Database for PostgreSQL servers.

For each database, under Settings, click Server parameters.

In the filter bar, type log_connections.

Ensure that log_connections is set to ON.

From Azure CLI

Ensure the following command returns a Value of ON:
az postgres server configuration show \
    --resource-group {{resource-group-name}} \
    --server-name {{server-name}} \
    --name log_connections

... [see more](description.md)

Remediation

Open File

Remediation

From Azure Portal

Log in to Azure Portal using https://portal.azure.com.

Go to Azure Database for PostgreSQL servers.

For each database, under Settings, click Server parameters.

In the filter bar, type log_connections.

Set log_connections to ON.

Click Save.

From Azure CLI

Use the following command to update log_connections:
az postgres server configuration set \
    --resource-group {{resource-group-name}} \
    --server-name {{server-name}} \
    --name log_connections \
    --value on
From PowerShell

Use the following command to update log_connections:
Update-AzPostgreSqlConfiguration `
    -ResourceGroupName {{resource-group-name}} `
    -ServerName {{server-name}} `
    -Name log_connections `
    -Value on

policy.yaml

Open File

Linked Framework Sections

Section	Sub Sections	Internal Rules	Policies	Compliance
💼 CIS Azure v1.1.0 → 💼 4.14 Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server		1	1	no data
💼 CIS Azure v1.3.0 → 💼 4.3.4 Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server - Level 1 (Automated)		1	1	no data
💼 CIS Azure v1.4.0 → 💼 4.3.3 Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server - Level 1 (Automated)		1	1	no data
💼 CIS Azure v1.5.0 → 💼 4.3.3 Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server - Level 1 (Automated)		1	1	no data
💼 CIS Azure v2.0.0 → 💼 4.3.3 Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server - Level 1 (Automated)		1	1	no data
💼 CIS Azure v2.1.0 → 💼 4.3.3 Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server - Level 1 (Automated)		1	1	no data
💼 CIS Azure v3.0.0 → 💼 5.2.6 [LEGACY] Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL single server (Automated)			1	no data
💼 Cloudaware Framework → 💼 Logging and Monitoring Configuration			79	no data
💼 FedRAMP High Security Controls → 💼 AC-6(9) Log Use of Privileged Functions (M)(H)		8	32	no data
💼 FedRAMP High Security Controls → 💼 AU-6 Audit Record Review, Analysis, and Reporting (L)(M)(H)	6	21	42	no data
💼 FedRAMP High Security Controls → 💼 AU-11 Audit Record Retention (L)(M)(H)		17	18	no data
💼 FedRAMP High Security Controls → 💼 AU-12 Audit Record Generation (L)(M)(H)	2		74	no data
💼 FedRAMP High Security Controls → 💼 CM-3 Configuration Change Control (M)(H)	4		41	no data
💼 FedRAMP High Security Controls → 💼 SI-4(20) Privileged Users (H)		49	57	no data
💼 FedRAMP Low Security Controls → 💼 AU-6 Audit Record Review, Analysis, and Reporting (L)(M)(H)			24	no data
💼 FedRAMP Low Security Controls → 💼 AU-11 Audit Record Retention (L)(M)(H)			18	no data
💼 FedRAMP Low Security Controls → 💼 AU-12 Audit Record Generation (L)(M)(H)			74	no data
💼 FedRAMP Moderate Security Controls → 💼 AC-6(9) Log Use of Privileged Functions (M)(H)			32	no data
💼 FedRAMP Moderate Security Controls → 💼 AU-6 Audit Record Review, Analysis, and Reporting (L)(M)(H)	2		42	no data
💼 FedRAMP Moderate Security Controls → 💼 AU-11 Audit Record Retention (L)(M)(H)			18	no data
💼 FedRAMP Moderate Security Controls → 💼 AU-12 Audit Record Generation (L)(M)(H)			74	no data
💼 FedRAMP Moderate Security Controls → 💼 CM-3 Configuration Change Control (M)(H)	2		24	no data
💼 ISO/IEC 27001:2013 → 💼 A.12.4.1 Event logging		16	18	no data
💼 ISO/IEC 27001:2013 → 💼 A.14.1.1 Information security requirements analysis and specification		6	6	no data
💼 ISO/IEC 27001:2022 → 💼 8.15 Logging		20	35	no data
💼 ISO/IEC 27001:2022 → 💼 8.20 Networks security		6	15	no data
💼 NIST CSF v1.1 → 💼 DE.AE-2: Detected events are analyzed to understand attack targets and methods		19	24	no data
💼 NIST CSF v1.1 → 💼 DE.AE-3: Event data are collected and correlated from multiple sources and sensors		19	38	no data
💼 NIST CSF v1.1 → 💼 DE.CM-1: The network is monitored to detect potential cybersecurity events		19	63	no data
💼 NIST CSF v1.1 → 💼 DE.CM-3: Personnel activity is monitored to detect potential cybersecurity events		21	26	no data
💼 NIST CSF v1.1 → 💼 DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed		19	24	no data
💼 NIST CSF v1.1 → 💼 DE.DP-4: Event detection information is communicated		30	33	no data
💼 NIST CSF v1.1 → 💼 ID.SC-4: Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations		16	19	no data
💼 NIST CSF v1.1 → 💼 PR.IP-2: A System Development Life Cycle to manage systems is implemented		6	9	no data
💼 NIST CSF v1.1 → 💼 PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy		17	33	no data
💼 NIST CSF v1.1 → 💼 RS.AN-1: Notifications from detection systems are investigated		19	24	no data
💼 NIST CSF v1.1 → 💼 RS.CO-2: Incidents are reported consistent with established criteria		20	22	no data
💼 NIST CSF v2.0 → 💼 DE.AE-02: Potentially adverse events are analyzed to better understand associated activities			51	no data
💼 NIST CSF v2.0 → 💼 DE.AE-03: Information is correlated from multiple sources			66	no data
💼 NIST CSF v2.0 → 💼 DE.AE-06: Information on adverse events is provided to authorized staff and tools			33	no data
💼 NIST CSF v2.0 → 💼 DE.AE-07: Cyber threat intelligence and other contextual information are integrated into the analysis			38	no data
💼 NIST CSF v2.0 → 💼 DE.CM-01: Networks and network services are monitored to find potentially adverse events			185	no data
💼 NIST CSF v2.0 → 💼 DE.CM-03: Personnel activity and technology usage are monitored to find potentially adverse events			105	no data
💼 NIST CSF v2.0 → 💼 DE.CM-06: External service provider activities and services are monitored to find potentially adverse events			51	no data
💼 NIST CSF v2.0 → 💼 DE.CM-09: Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events			182	no data
💼 NIST CSF v2.0 → 💼 GV.SC-07: The risks posed by a supplier, their products and services, and other third parties are understood, recorded, prioritized, assessed, responded to, and monitored over the course of the relationship			26	no data
💼 NIST CSF v2.0 → 💼 ID.RA-07: Changes and exceptions are managed, assessed for risk impact, recorded, and tracked			50	no data
💼 NIST CSF v2.0 → 💼 ID.RA-10: Critical suppliers are assessed prior to acquisition			26	no data
💼 NIST CSF v2.0 → 💼 RC.CO-04: Public updates on incident recovery are shared using approved methods and messaging			22	no data
💼 NIST CSF v2.0 → 💼 RS.CO-02: Internal and external stakeholders are notified of incidents			31	no data
💼 NIST CSF v2.0 → 💼 RS.MA-02: Incident reports are triaged and validated			25	no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions		17	25	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation	4	48	74	no data
💼 NIST SP 800-53 Revision 5 → 💼 CM-3 Configuration Change Control	8	17	41	no data
💼 SOC 2 → 💼 CC5.2-3 Establishes Relevant Security Management Process Controls Activities		16	36	no data
💼 SOC 2 → 💼 CC7.1-2 Monitors Infrastructure and Software		8	11	no data

Stats​

Logic​

Similar Policies​

Similar Internal Rules​

Description​

Description​

Rationale​

Audit​

From Azure Portal​

From Azure CLI​

Remediation​

Remediation​

From Azure Portal​

From Azure CLI​

From PowerShell​

policy.yaml​

Linked Framework Sections​

Stats

Logic

Similar Policies

Similar Internal Rules

Description

Description

Rationale

Audit

From Azure Portal

From Azure CLI

Remediation

Remediation

From Azure Portal

From Azure CLI

From PowerShell

policy.yaml

Linked Framework Sections