Enable syslog-ng Service

An XCCDF Rule

Description

The syslog-ng service (in replacement of rsyslog) provides syslog-style logging by default on Debian. The syslog-ng service can be enabled with the following manifest:

---
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
  labels:
    machineconfiguration.openshift.io/role: master
  name: 75-master-syslog-ng-enable
spec:
  config:
    ignition:
      version: 3.1.0
    systemd:
      units:
      - name: syslog-ng.service
        enabled: true

This will enable the syslog-ng service in all the nodes labeled with the "master" role.

Note that this needs to be done for each MachineConfigPool

For more information on how to configure nodes with the Machine Config Operator see the relevant documentation.

Rationale

The syslog-ng service must be running in order to provide logging services, which are essential to system administration.

ID: xccdf_org.ssgproject.content_rule_service_syslogng_enabled
Severity: Medium
References: BP28(R46) BP28(R5)

1 12 13 14 15 16 2 3 5 6 7 8 9

APO10.01 APO10.03 APO10.04 APO10.05 APO11.04 APO13.01 BAI03.05 BAI04.04 DSS01.03 DSS03.05 DSS05.02 DSS05.04 DSS05.05 DSS05.07 MEA01.01 MEA01.02 MEA01.03 MEA01.04 MEA01.05 MEA02.01

CCI-001311 CCI-001312 CCI-001557 CCI-001851

4.3.2.6.7 4.3.3.3.9 4.3.3.5.8 4.3.4.4.7 4.4.2.1 4.4.2.2 4.4.2.4

SR 2.10 SR 2.11 SR 2.12 SR 2.8 SR 2.9 SR 6.1 SR 6.2 SR 7.1 SR 7.2

A.12.1.3 A.12.4.1 A.12.4.2 A.12.4.3 A.12.4.4 A.12.7.1 A.14.2.7 A.15.2.1 A.15.2.2 A.17.2.1

AU-4(1) CM-6(a)

DE.CM-1 DE.CM-3 DE.CM-7 ID.SC-4 PR.DS-4 PR.PT-1
Updated: about 1 year ago