Ensure logging is configured
An XCCDF Rule
Description
The /etc/rsyslog.conf
and /etc/rsyslog.d/*.conf
files
specifies rules for logging and which files are to be used to log certain
classes of messages.
warning alert: Warning
This rule does not come with remediation as there is no one way to solve the problem, and
the requirement from CIS specification does not require one particular way, but persuades
the system administrator to perform configuration suitable for the specific environment.
This also means that the OVAL check is too generic, and the user most probably should
perform additional manual verification.
Rationale
A great deal of important security-related information is sent via rsyslog (e.g., successful and failed su attempts, failed login attempts, root login attempts, etc.).
- ID
- xccdf_org.ssgproject.content_rule_rsyslog_logging_configured
- Severity
- Medium
- References
- Updated