Skip to content

DRAFT - DISA STIG with GUI for Oracle Linux 9

Rules and Groups employed by this XCCDF Profile

  • Ensure Rsyslog Authenticates Off-Loaded Audit Records

    Rsyslogd is a system utility providing support for message logging. Support for both internet and UNIX domain sockets enables this utility to suppo...
    Rule Medium Severity
  • Ensure Rsyslog Encrypts Off-Loaded Audit Records

    Rsyslogd is a system utility providing support for message logging. Support for both internet and UNIX domain sockets enables this utility to suppo...
    Rule Medium Severity
  • Ensure Rsyslog Encrypts Off-Loaded Audit Records

    Rsyslogd is a system utility providing support for message logging. Support for both internet and UNIX domain sockets enables this utility to suppo...
    Rule Medium Severity
  • Ensure remote access methods are monitored in Rsyslog

    Logging of remote access methods must be implemented to help identify cyber attacks and ensure ongoing compliance with remote access policies are b...
    Rule Medium Severity
  • systemd-journald

    systemd-journald is a system service that collects and stores logging data. It creates and maintains structured, indexed journals based on logging ...
    Group
  • Enable systemd-journald Service

    The <code>systemd-journald</code> service is an essential component of systemd. The <code>systemd-journald</code> service can be enabled with the ...
    Rule Medium Severity
  • Configure rsyslogd to Accept Remote Messages If Acting as a Log Server

    By default, <code>rsyslog</code> does not listen over the network for log messages. If needed, modules can be enabled to allow the rsyslog daemon t...
    Group
  • Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server

    The <code>rsyslog</code> daemon should not accept remote messages unless the system acts as a log server. To ensure that it is not listening on the...
    Rule Medium Severity
  • Rsyslog Logs Sent To Remote Host

    If system logs are to be useful in detecting malicious activities, it is necessary to send logs to a remote server. An intruder who has compromised...
    Group
  • Ensure Logs Sent To Remote Host

    To configure rsyslog to send logs to a remote log server, open <code>/etc/rsyslog.conf</code> and read and understand the last section of the file,...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules