Ensure that logging of long statements is disabled.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | sql |
| Provider |
Description#
Database instance is configured to log SQL statements that exceed a certain duration, which may inadvertently capture sensitive data such as credentials or user information in logs. Logging of such statements should be disabled to prevent unintended data exposure.
Impact#
If exploited, sensitive information present in SQL statements could be exposed through database logs, increasing the risk of data breaches, unauthorized access, or regulatory non-compliance. Attackers or unauthorized users with log access may obtain confidential data that should remain protected.
Resolution#
Disable minimum duration statement logging completely