Hi Wasto Please correct me if i'm not mistaken . in the URL  that you shared i can't see the rsyslog-ng , instead of it have package_rsyslog_installed So its check for the correct package is'nt it ?
 https://github.com/ComplianceAsCode/content/blob/master/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/oval/shared.xml Thank you Dhanushka On Fri, 31 Aug 2018 at 18:28, Watson Yuuma Sato <ws...@redhat.com> wrote: > On 29/08/18 18:34, Dhanushka Parakrama wrote: > > Hi Team > > We have ran the scan for debian 8 using below command > > *oscap xccdf eval --profile > xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report > report.html ssg-debian8-ds.xml* > > Got alerts as below , > =============== > > [image: image.png] > > As the solution suggested change the group as below > > * chgrp adm /var/log/* -R * > > [image: image.png] > > but we still getting the > > *Ensure Log Files Are Owned By Appropriate Group -> Failed * > > Is there any reason for that ? > > Hello, Dhanushka, > > The check for this rule also verifies if rsyslog is in use. Now, > unfortunately, it checks for rsyslog, not rsyslog-ng. > > Here is where the check is defined: > https://github.com/OpenSCAP/scap-security-guide/blob/master/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/oval/shared.xml > > Thank You > > Dhanushka > > > > _______________________________________________ > Open-scap-list mailing > listOpenemail@example.com://www.redhat.com/mailman/listinfo/open-scap-list > > > -- > Watson Sato > Security Technologies | Red Hat, Inc > >
_______________________________________________ Open-scap-list mailing list Openfirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/open-scap-list