Enabling log_checkpoints helps the PostgreSQL Database to Log each checkpoint in turn generates query and error logs. Query and error logs can be used to identify, troubleshoot, and repair configuration errors and sub-optimal performance.

This test is part the Audit Logging control (DCF-406) that ensures audit logs are enabled and active for all system components and sensitive data in accordance with company policies.

If Drata finds that 'log_checkpoints' is not enabled for one or more PostgreSQL databases, the test will fail. Enabling 'log_checkpoints' helps the PostgreSQL Database to log each checkpoint, which in turn generates query and error logs. Query and error logs can be used to identify, troubleshoot, and repair configuration errors and sub-optimal performance.

This is a test that aligns with the Center for Internet Security’s (CIS) benchmarks for Microsoft Azure, providing prescriptive guidance to establish a secure baseline configuration for Azure environments. These benchmarks are developed through a global, consensus-driven process involving cybersecurity experts to help organizations strengthen their defenses against potential threats in the cloud.