ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 15:33:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'siemens/rhel9/devel' of code.siemens.com:infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis into siemens/rhel9/devel

Browse source 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
This commit is contained in:
Ionut Pruteanu 2024-01-30 23:16:54 +02:00
commit 9bd22c220d
No known key found for this signature in database
GPG key ID: 95B7D43B702B3569
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
defaults/main.yml
View file

@ -853,6 +853,12 @@ rhel9cis_auditd:
# CIS prescribes the value `keep_logs`.
max_log_file_action: keep_logs
## Control 4.1.1.4 - Ensure rhel9cis_audit_back_log_limit is sufficient
# This variable represents the audit backlog limit, i.e., the maximum number of audit records that the
# system can buffer in memory, if the audit subsystem is unable to process them in real-time.
# Buffering in memory is useful in situations, where the audit system is overwhelmed
# with incoming audit events, and needs to temporarily store them until they can be processed.
# This variable should be set to a sufficient value. The CIS baseline recommends at least `8192` as value.
# This value governs if the below extra-vars for auditd should be used by the role
rhel9cis_auditd_extra_conf_usage: false