Azure-PostgreSQLServer-Log-Retention-Period

Severity: Medium

Description: This control ensures that server parameter "log_retention_days" value is greater than 3 for PostgreSQL Database Server. Enabling log retention helps PostgreSQL Database to set the number of days a log file is retained which in turn generates query and error logs. Query and error logs can be used to identify, troubleshoot, and repair configuration errors and sub-optimal performance.

Remediation Steps:

Perform following to update PostgreSQL parameters:

1. Login to Azure Portal using https://portal.azure.com.

2. Go to PostgreSQL server.

3. For each database, click on Server parameters.

4. Search for log_retention_days.

5. Enter value in range 4-7 (inclusive) and save.

Important:

Reference:

• Azure Foundations Benchmark v1.3.0 - 02-01-2021 : Recommendation #4.3.7