---

- name: "4.3 | L1 | PATCH | Ensure logrotate is configured"
  block:
      - name: "4.3 | L1 | AUDIT | Ensure logrotate is configured | Get logrotate settings"
        find:
            paths: /etc/logrotate.d/
        register: log_rotates

      - name: "4.3 | L1 | PATCH | Ensure logrotate is configured"
        replace:
            path: "{{ item.path }}"
            regexp: '^(\s*)(daily|weekly|monthly|yearly)$'
            replace: "\\1{{ rhel9cis_logrotate }}"
        with_items:
            - "{{ log_rotates.files }}"
            - { path: "/etc/logrotate.conf" }
  when:
      - rhel9cis_rule_4_3
  tags:
      - level1-server
      - level1-workstation
      - patch
      - rule_4.3