Skip to content

Guide to the Secure Configuration of Red Hat Enterprise Linux CoreOS 4

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Account for auditd to send email when actions occurs

    The setting for action_mail_acct in /etc/audit/auditd.conf
    Value
  • Action for auditd to take when disk space is low

    The setting for admin_space_left_action in /etc/audit/auditd.conf
    Value
  • The percentage remaining in disk space before prompting admin_space_left_action

    The setting for admin_space_left as a percentage in /etc/audit/auditd.conf
    Value
  • Action for auditd to take when disk errors

    'The setting for disk_error_action in /etc/audit/auditd.conf, if multiple values are allowed write them separated by pipes as in "syslog|single|hal...
    Value
  • Action for auditd to take when disk is full

    'The setting for disk_full_action in /etc/audit/auditd.conf, if multiple values are allowed write them separated by pipes as in "syslog|single|halt...
    Value
  • Auditd priority for flushing data to disk

    The setting for flush in /etc/audit/auditd.conf
    Value
  • Number of Record to Retain Before Flushing to Disk

    The setting for freq in /etc/audit/auditd.conf
    Value
  • Maximum audit log file size for auditd

    The setting for max_log_file in /etc/audit/auditd.conf
    Value
  • Nftables Tables

    Tables in nftables hold chains. Each table only has one address family and only applies to packets of this family. Tables can have one of six fami...
    Value
  • Action for auditd to take when log files reach their maximum size

    The setting for max_log_file_action in /etc/audit/auditd.conf. The following options are available: <br>ignore - audit daemon does nothing. <br>sys...
    Value

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules