ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 14:23:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Defining some threshold for (audit_)space_left vars, as well as a bool which governs if extra params will be configured

Browse source 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
This commit is contained in:
Ionut Pruteanu 2023-12-20 22:21:14 +02:00
parent 88ffe32137
commit ca41b128cd
No known key found for this signature in database
GPG key ID: 95B7D43B702B3569
2 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
defaults/main.yml
View file

@ -529,6 +529,17 @@ rhel9cis_auditd:
max_log_file: 10
max_log_file_action: keep_logs
# This value governs if the below extra-vars for auditd should be used by the role
rhel9cis_auditd_extra_conf_usage: false
# This can be used to configure other keys in auditd.conf
# Example:
# rhel9cis_auditd_extra_conf:
# admin_space_left: '10%'
rhel9cis_auditd_extra_conf:
admin_space_left: 50
space_left: 75
# The audit_back_log_limit value should never be below 8192
rhel9cis_audit_back_log_limit: 8192