Capacity
SRG-OS-000037-GPOS-00015
1
Rule
Severity: High
Enable audit Service
29
Rule
Severity: Medium
Ensure the audit Subsystem is Installed
30
Rule
Severity: Medium
Enable auditd Service
29
Rule
Severity: Medium
Ensure auditd Collects Information on Exporting to Media (successful)
29
Rule
Severity: Medium
Ensure auditd Collects System Administrator Actions
29
Rule
Severity: Medium
Record Events that Modify User/Group Information
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - chmod
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - chown
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fchmod
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fchmodat
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fchown
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fchownat
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fremovexattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fsetxattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - lchown
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - lremovexattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - lsetxattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - removexattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - setxattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - umount
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - umount2
29
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User - rename
29
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User - renameat
29
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User - rmdir
29
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User - unlink
29
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User - unlinkat
23
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - creat
23
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - ftruncate
23
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - open
24
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - open_by_handle_at
23
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - openat
23
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - truncate
22
Rule
Severity: Medium
Ensure auditd Collects Information on Kernel Module Unloading - delete_module
23
Rule
Severity: Medium
Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module
22
Rule
Severity: Medium
Ensure auditd Collects Information on Kernel Module Loading - init_module
3
Rule
Severity: Medium
Ensure the audit-libs package as a part of audit Subsystem is Installed
19
Rule
Severity: Low
Enable Auditing for Processes Which Start Prior to the Audit Daemon
17
Rule
Severity: Low
Extend Audit Backlog Limit for the Audit Daemon
20
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/group
20
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/gshadow
20
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/security/opasswd
20
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/passwd
20
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/shadow
17
Rule
Severity: Medium
Record Any Attempts to Run chcon
14
Rule
Severity: Medium
Record Any Attempts to Run semanage
13
Rule
Severity: Medium
Record Any Attempts to Run setfiles
14
Rule
Severity: Medium
Record Any Attempts to Run setsebool
23
Rule
Severity: Medium
Record Attempts to Alter Logon and Logout Events - lastlog
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - chage
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - chsh
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - crontab
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - gpasswd
9
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - insmod
14
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - kmod
9
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - modprobe
16
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - mount
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - newgrp
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - passwd
16
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - postdrop
16
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - postqueue
9
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - rmmod
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - ssh-keysign
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - su
18
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - sudo
16
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - sudoedit
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - umount
17
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd
14
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - userhelper
8
Rule
Severity: Medium
Ensure auditd Collects System Administrator Actions - /etc/sudoers
7
Rule
Severity: Medium
Ensure auditd Collects System Administrator Actions - /etc/sudoers.d/
14
Rule
Severity: Medium
Record Any Attempts to Run chacl
11
Rule
Severity: Medium
Record Any Attempts to Run setfacl
11
Rule
Severity: Medium
Record Any Attempts to Run ssh-agent
8
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - unix_update
14
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - usermod
2
Rule
Severity: Medium
Ensure the libaudit1 package as a part of audit Subsystem is Installed
2
Rule
Severity: Medium
Record Any Attempts to Run chmod
2
Rule
Severity: Medium
Record Any Attempts to Run rm
4
Rule
Severity: Medium
Record Attempts to Alter Logon and Logout Events - faillog
2
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - passmass
1
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - unix2_chkpwd
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules