From c178cba7bc68031f460303fe836e74d89e36827c Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Wed, 29 Jan 2025 13:53:58 +0000
Subject: [PATCH] Updated comments

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 vars/main.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/vars/main.yml b/vars/main.yml
index 93439ad..c1d0fb3 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -24,9 +24,11 @@ warn_count: 0
 
 gpg_key_package: "{{ ansible_facts.distribution | lower }}-gpg-keys"
 
-## Control 6.3.3.x - Audit template
-# This variable governs if the auditd logic should be executed(if value is true).
-# NOTE: The current default value is likely to be overriden(via 'set_fact') by other further tasks(in sub-section 'Auditd rules').
+## Controls 6.3.3.x - Audit template
+# This variable is set to true by tasks 6.3.3.1 to 6.3.3.20. As a result, the
+# audit settings are overwritten with the role's template. In order to exclude
+# specific rules, you must set the variable of form `ubtu24cis_rule_6_3_3_x` above
+# to `false`.
 update_audit_template: false
 
 # Defaults