Australian Cyber Security Centre (ACSC) ISM Official
Rules and Groups employed by this XCCDF Profile
-
Write Audit Logs to the Disk
To configure Audit daemon to write Audit logs to the disk, setwrite_logstoyesin/etc/audit/auditd.conf. This is the default setting.Rule Medium Severity -
System Accounting with auditd
The <code>auditd</code> program can perform comprehensive monitoring of system activity. This section makes use of recommended configuration settings for specific policies or use cases. The rules i...Group -
Configure auditing of unsuccessful file accesses
Ensure that unsuccessful attempts to access a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file access (any other opens) This has to go last. -a a...Rule Medium Severity -
Configure auditing of successful file accesses
Ensure that successful attempts to access a file are audited. The following rules configure audit as described above: <pre>## Successful file access (any other opens) This has to go last. ## These...Rule Medium Severity -
Configure Syslog
The syslog service has been the default Unix logging mechanism for many years. It has a number of downsides, including inconsistent log format, lack of authentication for received messages, and lac...Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules