Skip to content
ATO Pathways
  Log In

Set type of computer node name logging in audit logs

An XCCDF Rule

Description

To configure Audit daemon to use a unique identifier as computer node name in the audit events, set name_format to in /etc/audit/auditd.conf.

warning alert: Warning

Whenever the variable 
var_auditd_name_format
uses a multiple value option, for example 
A|B|C
, the first value will be used when remediating this rule.

Rationale

If option name_format is left at its default value of none, audit events from different computers may be hard to distinguish.

ID
xccdf_org.ssgproject.content_rule_auditd_name_format
Severity
Medium
References
Updated



Remediation - Kubernetes Patch

---
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
  config:
    ignition: