colin
/
UBUNTU24-CIS-Audit
mirror of https://github.com/ansible-lockdown/UBUNTU24-CIS-Audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
UBUNTU24-CIS-Audit/section_6/cis_6.1.3.x/cis_6.1.3.5.yml

38 lines
1014 B
YAML
Raw Permalink Blame History

---
{{ if .Vars.ubtu24cis_level_1 }}
{{ if .Vars.ubtu24cis_rule_6_1_3_5 }}
file:
/etc/rsyslog.conf:
title: 6.1.3.5 | Ensure logging is configured
exists: true
contents:
- '/^\*.emerg\s+:omusrmsg:\*/'
- '/auth,authpriv.\*\s+/var/log/secure/'
- '/^mail.\*\s+-/var/log/mail/'
- '/^mail.info\s+-/var/log/mail.info/'
- '/^mail.err\s+/var/log/mail.err/'
- '/^cron.\*\s+/var/log/cron/'
- '/^*.=warning;\*.=err\s+-/var/log/warn/'
- '/^*.crit\s+/var/log/warn/'
- '/^*.*;mail.none;news.none\s+/var/log/messages/'
- '/^local0,local1.\*\s+-/var/log/localmessages/'
- '/^local2,local3.\*\s+-/var/log/localmessages/'
- '/^local4,local5.\*\s+-/var/log/localmessages/'
- '/^local6,local7.\*\s+-/var/log/localmessages/'
meta:
server: 1
workstation: 1
CIS_ID:
- 6.1.3.5
CISv8: 8.2
CISv8_IG1: true
CISv8_IG2: true
CISv8_IG3: true
NIST800-53R5:
- AU-2
- AU-7
- AU-12
{{ end }}
{{ end }}
Reference in New Issue View Git Blame Copy Permalink