STIGQter: STIG Summary: Red Hat Enterprise Linux 8 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

RHEL 8 must have the packages required for encrypting offloaded audit logs installed.

DISA Rule

SV-230478r627750_rule

Vulnerability Number

V-230478

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

RHEL-08-030680

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the operating system to encrypt offloaded audit logs by installing the required packages with the following command:

$ sudo yum install gnutls

Check Contents

Verify the operating system has the packages required for encrypting offloaded audit logs installed with the following commands:

$ sudo yum list installed gnutls

gnutls.x86_64 3.6.8-9.el8 @anaconda

If the "gnutls" package is not installed, ask the administrator to indicate how audit logs are being encrypted during offloading and what packages are installed to support it. If there is no evidence of audit logs being encrypted during offloading, this is a finding.

Vulnerability Number

V-230478

Documentable

False

Rule Version

RHEL-08-030680

Severity Override Guidance

Verify the operating system has the packages required for encrypting offloaded audit logs installed with the following commands:

$ sudo yum list installed gnutls

gnutls.x86_64 3.6.8-9.el8 @anaconda

If the "gnutls" package is not installed, ask the administrator to indicate how audit logs are being encrypted during offloading and what packages are installed to support it. If there is no evidence of audit logs being encrypted during offloading, this is a finding.

Check Content Reference

M

Target Key

2921

Comments