---

{{ if .Vars.ubtu24cis_level_1 }}
  {{ if .Vars.ubtu24cis_rule_6_1_3_7 }}
    {{ if not .Vars.ubtu24cis_remote_log_server }}
command:
  local_syslog_module:
    title: 6.1.3.7 | Ensure rsyslog is not configured to recieve logs from a remote client | module
    exec: grep "imtcp" /etc/rsyslog.conf /etc/rsyslog.d/*.conf | grep -Ev ":#|port="
    exit-status:
      or:
      - 0
      - 1
      - 2
    stdout:
    - '!/.*/'
    meta:
      server: 1
      workstation: 1
      CIS_ID:
      - 6.1.3.7
      CISv8:
      - 4.8
      - 8.2
      CISv8_IG1: true
      CISv8_IG2: true
      CISv8_IG3: true
      NIST800-53R5:
      - AU-2
      - AU-7
      - AU-12
      - CM-6
  local_syslog_input:
    title: 6.1.3.7 | Ensure rsyslog is not configured to recieve logs from a remote client | server/port
    exec: grep -E "imtcp\" port|InputTCPServerRun" /etc/rsyslog.conf /etc/rsyslog.d/*.conf | grep -v ":#"
    exit-status:
      or:
      - 0
      - 1
      - 2
    stdout:
    - '!/.*/'
    meta:
      server: 1
      workstation: 1
      CIS_ID:
      - 6.1.3.7
      CISv8:
      - 4.8
      - 8.2
      CISv8_IG1: true
      CISv8_IG2: true
      CISv8_IG3: true
      NIST800-53R5:
      - AU-2
      - AU-7
      - AU-12
      - CM-6
    {{ end }}
  {{ end }}
{{ end }}