STIGQter: STIG Summary: Red Hat Enterprise Linux 7 Security Technical Implementation Guide Version: 3 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Red Hat Enterprise Linux 7 Security Technical Implementation Guide Version: 3 Release: 3 Benchmark Date: 23 Apr 2021:SV-204489r603261_rule
V-204489
SRG-OS-000480-GPOS-00227
RHEL-07-021100
CAT II
10
Configure "rsyslog" to log all cron messages by adding or updating the following line to "/etc/rsyslog.conf" or a configuration file in the /etc/rsyslog.d/ directory:
cron.* /var/log/cron.log
Verify that "rsyslog" is configured to log cron events.
Check the configuration of "/etc/rsyslog.conf" or "/etc/rsyslog.d/*.conf" files for the cron facility with the following command:
Note: If another logging package is used, substitute the utility configuration file for "/etc/rsyslog.conf" or "/etc/rsyslog.d/*.conf" files.
# grep cron /etc/rsyslog.conf /etc/rsyslog.d/*.conf
cron.* /var/log/cron.log
If the command does not return a response, check for cron logging all facilities by inspecting the "/etc/rsyslog.conf" or "/etc/rsyslog.d/*.conf" files.
Look for the following entry:
*.* /var/log/messages
If "rsyslog" is not logging messages for the cron facility or all facilities, this is a finding.
V-204489
False
RHEL-07-021100
Verify that "rsyslog" is configured to log cron events.
Check the configuration of "/etc/rsyslog.conf" or "/etc/rsyslog.d/*.conf" files for the cron facility with the following command:
Note: If another logging package is used, substitute the utility configuration file for "/etc/rsyslog.conf" or "/etc/rsyslog.d/*.conf" files.
# grep cron /etc/rsyslog.conf /etc/rsyslog.d/*.conf
cron.* /var/log/cron.log
If the command does not return a response, check for cron logging all facilities by inspecting the "/etc/rsyslog.conf" or "/etc/rsyslog.d/*.conf" files.
Look for the following entry:
*.* /var/log/messages
If "rsyslog" is not logging messages for the cron facility or all facilities, this is a finding.
M
2899