On 29/08/18 18:34, Dhanushka Parakrama wrote:
Hi Team
We have ran the scan for debian 8 using below command
*oscap xccdf eval --profile
xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report
report.html ssg-debian8-ds.xml*
*
*
Got alerts as below ,
===============
*
*
image.png
As the solution suggested change the group as below
*chgrp adm /var/log/* -R *
**
image.png
but we still getting the
*Ensure Log Files Are Owned By Appropriate Group -> Failed *
**
Is there any reason for that ?
Hello, Dhanushka,
The check for this rule also verifies if rsyslog is in use. Now,
unfortunately, it checks for rsyslog, not rsyslog-ng.
Here is where the check is defined:
https://github.com/OpenSCAP/scap-security-guide/blob/master/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/oval/shared.xml
Thank You
Dhanushka
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list
--
Watson Sato
Security Technologies | Red Hat, Inc
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list