Ensure that all your Microsoft Azure PostgreSQL servers have a sufficient log retention period, i.e. greater than 3 days, configured for reliability and compliance purposes. The retention period, represented by the "log_retention_days" parameter, is the number of days to retain log data for the databases hosted on Azure PostgreSQL servers. The compliant value for the retention period is 4 to 7 days (inclusive).
A retention period of 4 days or more, should allow you to collect the necessary amount of logging data required to identify and mitigate any PostgreSQL security and performance issues. The logging data can contain query logs – useful to check for sub-optimal performance, and error logs – used to identify anomalies and potential security breaches, misuse of information and unauthorized access to PostgreSQL databases.
To determine if the log retention period ("log_retention_days" parameter) configured for your PostgreSQL database servers is greater than 3 days, perform the following actions:
Remediation / Resolution
To extend the log retention period for your Microsoft Azure PostgreSQL database servers, perform the following actions:
- Azure Official Documentation
- Monitor and tune Azure Database for PostgreSQL - Single Server
- Server logs in Azure Database for PostgreSQL - Single Server
- CIS Microsoft Azure Foundations
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
Check for PostgreSQL Log Retention Period
Risk level: Medium