Check: RHEL-09-652015
RHEL 9 STIG:
RHEL-09-652015
(in versions v1 r3 through v1 r1)
Title
RHEL 9 must have the packages required for encrypting offloaded audit logs installed. (Cat II impact)
Discussion
The rsyslog-gnutls package provides Transport Layer Security (TLS) support for the rsyslog daemon, which enables secure remote logging. Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061
Check Content
Verify that RHEL 9 has the rsyslog-gnutls package installed with the following command: $ sudo dnf list --installed rsyslog-gnutls Example output: rsyslog-gnutls.x86_64 8.2102.0-101.el9_0.1 If the "rsyslog-gnutls" package is not installed, this is a finding.
Fix Text
The rsyslog-gnutls package can be installed with the following command: $ sudo dnf install rsyslog-gnutls
Additional Identifiers
Rule ID: SV-258141r926410_rule
Vulnerability ID: V-258141
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
| CCI-000803 |
The information system implements mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication. |