Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of SUSE Linux Enterprise 15
System Settings
Configure Syslog
Ensure Proper Configuration of Log Files
Ensure Rsyslog Authenticates Off-Loaded Audit Records
Ensure Rsyslog Authenticates Off-Loaded Audit Records
An XCCDF Rule
Details
Profiles
Prose
Ensure Rsyslog Authenticates Off-Loaded Audit Records
Medium Severity
Rsyslogd is a system utility providing support for message logging. Support for both internet and UNIX domain sockets enables this utility to support both local and remote logging. Couple this utility with
gnutls
(which is a secure communications library implementing the SSL, TLS and DTLS protocols), and you have a method to securely encrypt and off-load auditing. When using
rsyslogd
to off-load logs the remote system must be authenticated.