CCI-000157 requires audit logs be able to be used by a report generation capability. auditd logs can be parsed and used by a number of different utilities including aureport which is included in the audit package.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/auditing.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/auditing.xml b/rhel6/src/input/system/auditing.xml index d904650..9630fd9 100644 --- a/rhel6/src/input/system/auditing.xml +++ b/rhel6/src/input/system/auditing.xml @@ -55,7 +55,7 @@ and impacting other services. This also minimizes the risk of the audit daemon temporarily disabling the system if it cannot write audit log (which it can be configured to do). </description> -<ref disa="120,166,1338,1339" /> +<ref disa="120,166,1338,1339,157" /> <Rule id="enable_auditd_service"> <title>Enable auditd Service</title> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
