DISA STIG for Red Hat Enterprise Linux CoreOS
Rules and Groups employed by this XCCDF Profile
-
Resolve information before writing to audit logs
To configure Audit daemon to resolve all uid, gid, syscall, architecture, and socket address information before writing the events to disk, set <code>log_format</code> to <code>ENRICHED</code> in <...Rule Low Severity -
System Accounting with auditd
The <code>auditd</code> program can perform comprehensive monitoring of system activity. This section makes use of recommended configuration settings for specific policies or use cases. The rules i...Group -
Configure auditing of unsuccessful file accesses
Ensure that unsuccessful attempts to access a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file access (any other opens) This has to go last. -a a...Rule Medium Severity -
Configure auditing of unsuccessful file creations
Ensure that unsuccessful attempts to create a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file creation (open with O_CREAT) -a always,exit -F arc...Rule Medium Severity -
Configure auditing of unsuccessful file deletions
Ensure that unsuccessful attempts to delete a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file delete -a always,exit -F arch=b32 -S unlink,unlink...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules