Ensure Proper Configuration of Log Files
An XCCDF Group
Description
The file /etc/rsyslog.conf
controls where log message are written.
These are controlled by lines called rules, which consist of a
selector and an action.
These rules are often customized depending on the role of the system, the
requirements of the environment, and whatever may enable
the administrator to most effectively make use of log data.
The default rules in Anolis OS 23 are:
*.info;mail.none;authpriv.none;cron.none /var/log/messages authpriv.* /var/log/secure mail.* -/var/log/maillog cron.* /var/log/cron *.emerg * uucp,news.crit /var/log/spooler local7.* /var/log/boot.logSee the man page
rsyslog.conf(5)
for more information.
Note that the rsyslog
daemon can be configured to use a timestamp format that
some log processing programs may not understand. If this occurs,
edit the file /etc/rsyslog.conf
and add or edit the following line:
$ ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
- ID
- xccdf_org.ssgproject.content_group_ensure_rsyslog_log_file_configuration
- Child Items
- Updated