Configure the "rsyslog service" setting to organizational standards.

Back

CONTROL ID
08799

CONTROL TYPE
Establish/Maintain Documentation

CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS

This Control directly supports the implied Control(s):

Configure Red Hat Enterprise Linux to Organizational Standards., CC ID: 08713

There are no implementation support Controls.

SELECTED AUTHORITY DOCUMENTS COMPLIED WITH

Ensure rsyslog Service is enabled and running Description: `rsyslog` needs to be enabled and running to perform logging Rationale: If the `rsyslog` service is not activated the system may default to the `syslogd` service or lack logging instead. Remediation Procedure: Run the following command to en… (4.2.1.2, CIS Amazon Linux 2 Benchmark, v.2.0.0, Level 1)
Ensure rsyslog Service is enabled and running Description: `rsyslog` needs to be enabled and running to perform logging Rationale: If the `rsyslog` service is not activated the system may default to the `syslogd` service or lack logging instead. Remediation Procedure: Run the following command to en… (4.2.1.2, CIS Amazon Linux 2 Benchmark, v.2.0.0, Level 2)
Title: Activate the rsyslog Service Description: The chkconfig command can be used to ensure that the syslog service is turned off and that the rsyslog service is turned on. Rationale: It is important to ensure that syslog is turned off so that it does not interfere with the rsyslog service. Fix… (Rule: xccdf_org.cisecurity.benchmarks_rule_4.1.2_Activate_the_rsyslog_Service Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_4.1.2.1_services.rsyslog.enabled, The Center for Internet Security CentOS 6 Level 1 Benchmark, 1.0.0)
Title: Activate the rsyslog Service Description: The chkconfig command can be used to ensure that the syslog service is turned off and that the rsyslog service is turned on. Rationale: It is important to ensure that syslog is turned off so that it does not interfere with the rsyslog service. … (Rule:xccdf_org.cisecurity.benchmarks_rule_5.1.2_Activate_the_rsyslog_Service Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_5.1.2.1_services.rsyslog.enabled, The Center for Internet Security Red Hat Enterprise Linux 6 Level 1 Benchmark, 1.2.0)
Title: Activate the rsyslog Service Description: The chkconfig command can be used to ensure that the syslog service is turned off and that the rsyslog service is turned on. Rationale: It is important to ensure that syslog is turned off so that it does not interfere with the rsyslog service. … (Rule:xccdf_org.cisecurity.benchmarks_rule_5.1.2_Activate_the_rsyslog_Service Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_5.1.2.1_services.rsyslog.enabled, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
Title: Ensure the rsyslog Service is activated Description: Once the rsyslog package is installed it needs to be activated. Rationale: If the rsyslog service is not activated the system will not have a syslog service running. Fix Text: Set the proper start conditions in /etc/init/rs… (Rule: xccdf_org.cisecurity.benchmarks_rule_8.2.2_Ensure_the_rsyslog_Service_is_activated Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_8.2.2.1_, The Center for Internet Security Ubuntu 12.04 LTS Level 1 Benchmark, v1.0.0)
Title: Ensure the rsyslog Service is activated Description: Once the rsyslog package is installed it needs to be activated. Rationale: If the rsyslog service is not activated the system will not have a syslog service running. Fix Text: Set the proper start conditions in /etc/init/rs… (Rule: xccdf_org.cisecurity.benchmarks_rule_8.2.2_Ensure_the_rsyslog_Service_is_activated Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_8.2.2.1_, The Center for Internet Security Ubuntu 12.04 LTS Level 2 Benchmark, v1.0.0)
Ensure rsyslog Service is enabled Description: Once the `rsyslog` package is installed it needs to be activated. Rationale: If the `rsyslog` service is not activated the system may default to the `syslogd` service or lack logging instead. Remediation Procedure: Run the following command to enable `r… (4.2.1.2, CIS Oracle Linux 8 Benchmark, Server Level 1, v1.0.1)
Ensure rsyslog Service is enabled Description: Once the `rsyslog` package is installed it needs to be activated. Rationale: If the `rsyslog` service is not activated the system may default to the `syslogd` service or lack logging instead. Remediation Procedure: Run the following command to enable `r… (4.2.1.2, CIS Oracle Linux 8 Benchmark, Server Level 2, v1.0.1)
The rsyslog service should be enabled or disabled as appropriate. Technical Mechanisms: via chkconfig Parameters: enabled / disabled References: Section: 2.6.1.2.2 - Ensure the rsyslog Service is Activated (CCE-17698-2, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 5, 5.20130214)