-
Notifications
You must be signed in to change notification settings - Fork 165
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CIS-CAT-PRO audit finding 4.2.2.4 #280
Labels
bug
Something isn't working
Comments
Contents of # This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See journald.conf(5) for details.
[Journal]
#Storage=auto
#Compress=yes
#Seal=yes
#SplitMode=uid
#SyncIntervalSec=5m
#RateLimitIntervalSec=30s
#RateLimitBurst=10000
#SystemMaxUse=
#SystemKeepFree=
#SystemMaxFileSize=
#SystemMaxFiles=100
#RuntimeMaxUse=
#RuntimeKeepFree=
#RuntimeMaxFileSize=
#RuntimeMaxFiles=100
#MaxRetentionSec=
#MaxFileSec=1month
ForwardToSyslog=yes
#ForwardToKMsg=no
#ForwardToConsole=no
#ForwardToWall=yes
#TTYPath=/dev/console
#MaxLevelStore=debug
#MaxLevelSyslog=debug
#MaxLevelKMsg=notice
#MaxLevelConsole=info
#MaxLevelWall=emerg
#LineMax=48K |
bbaassssiiee
added a commit
to TeamSalvador/RHEL8-CIS
that referenced
this issue
Apr 17, 2023
bbaassssiiee
added a commit
to TeamSalvador/RHEL8-CIS
that referenced
this issue
Apr 17, 2023
Signed-off-by: Bas Meijer <[email protected]>
Merged
uk-bolly
added a commit
that referenced
this issue
Apr 25, 2023
Merged
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description:
Ensure journald is configured to write logfiles to persistent disk
Data from journald may be stored in volatile memory or persisted locally on the server. Logs in memory will be lost upon a system reboot. By persisting logs to local disk on the server they are protected from loss due to a reboot.
Writing log data to disk will provide the ability to forensically reconstruct events which may have impacted the operations or security of a system even after a system crash or reboot.
Edit the /etc/systemd/journald.conf file and add the following line:
Expected Behavior
The line is explicit and uncommented.
Actual Behavior
The line is commented, as if the regexp didn't match for some reason.
Control(s) Affected
What controls are being affected by the issue: CIS 4.2.2.4
Environment (please complete the following information):
Additional Notes
CIS-CAT_PRO is the official audit tool for CIS members.
Possible Solution
Enter a suggested fix here
The text was updated successfully, but these errors were encountered: