From 5815c43654ed516f4c2f968d544b4f990efe0a34 Mon Sep 17 00:00:00 2001
From: "root@DERVISHx"
Date: Wed, 27 Dec 2023 15:39:46 +0000
Subject: [PATCH] Added vars for streams.
Signed-off-by: root@DERVISHx
Signed-off-by: Ionut Pruteanu
---
 defaults/main.yml | 2 +-
 vars/AlmaLinux.yml | 6 ++++++
 vars/Rocky.yml | 6 ++++++
 3 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/defaults/main.yml b/defaults/main.yml
index 3f204d1..bc123f5 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -880,7 +880,7 @@ rhel9cis_auditd_uid_exclude:
 # This variable governs which logging service should be used, choosing between 'rsyslog'(CIS recommendation)
 # or 'journald'(only one is implemented) will trigger the execution of the associated subsection, as the-best
 # practices are written wholly independent of each other.
-rhel9cis_syslog: rsyslog
+rhel9cis_syslog: journald
 ## Control 4.2.1.5 | PATCH | Ensure logging is configured
 # This variable governs if current Ansible role should manage syslog settings
 # in /etc/rsyslog.conf file, namely mail, news and misc(warn, messages)
diff --git a/vars/AlmaLinux.yml b/vars/AlmaLinux.yml
index b0eb3d9..a0fa6ba 100644
--- a/vars/AlmaLinux.yml
+++ b/vars/AlmaLinux.yml
@@ -5,3 +5,9 @@ os_gpg_key_pubkey_name: gpg-pubkey-b86b3716-61e69f29
 os_gpg_key_pubkey_content: "AlmaLinux OS 9 b86b3716"
 # disable repo_gpgcheck due to OS default repos
 rhel9cis_rule_enable_repogpg: false
+
+rhel9cis_sshd:
+ # This variable sets the maximum number of unresponsive "keep-alive" messages
+ # that can be sent from the server to the client before the connection is considered
+ # inactive and thus, closed.
+ clientalivecountmax: 3
\ No newline at end of file
diff --git a/vars/Rocky.yml b/vars/Rocky.yml
index 77af29c..7d9f014 100644
--- a/vars/Rocky.yml
+++ b/vars/Rocky.yml
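Review bot: The role default for `rhel9cis_syslog` in defaults/main.yml flips from `rsyslog` to `journald` in a commit whose subject is only "Added vars for streams", and the comment directly above the line still labels rsyslog as the CIS recommendation. Because this variable selects which logging subsection the role executes, any host relying on the default would presumably stop getting the rsyslog controls applied, including the 4.2.1.5 management of /etc/rsyslog.conf described in the following context lines. If the switch is intentional, update the comment to state the new default and why, and mention it in the commit message; otherwise keep `rhel9cis_syslog: rsyslog` and leave journald to inventory overrides.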
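Review bot: Declaring `rhel9cis_sshd` as a whole mapping in vars/AlmaLinux.yml (and identically in the vars/Rocky.yml hunk) can replace, not extend, any `rhel9cis_sshd` mapping in defaults/main.yml, since Ansible replaces dictionaries by default rather than merging them. The defaults definition is not visible in this patch, so confirm that no other sshd keys are dropped on these two distributions. If these OS files are loaded with include_vars or as role vars, the value also outranks inventory group_vars and host_vars, so operators could no longer tune the SSH keep-alive limit there. Unless the distributions really need a distinct value, keep `clientalivecountmax` only in defaults/main.yml. Both files also end without a trailing newline, which yamllint flags; add one.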
@@ -3,3 +3,9 @@ os_gpg_key_pubkey_name: gpg-pubkey-350d275d-6279464b os_gpg_key_pubkey_content: "Rocky Enterprise Software Foundation - Release key 2022 350d275d" + +rhel9cis_sshd: + # This variable sets the maximum number of unresponsive "keep-alive" messages + # that can be sent from the server to the client before the connection is considered + # inactive and thus, closed. + clientalivecountmax: 3 \ No newline at end of file