Exentsion to auditd

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2022-10-14 12:29:06 +01:00 · 2022-10-14 12:29:06 +01:00 · 1d96539637
commit 1d96539637
parent acdb56a277
2 changed files with 23 additions and 0 deletions
--- a/tasks/section_4/cis_4.1.2.x.yml
+++ b/tasks/section_4/cis_4.1.2.x.yml
@ -51,3 +51,19 @@
      - patch
      - auditd
      - rule_4.1.2.3
+
+- name: PATCH | Configure other keys for auditd.conf
+  lineinfile:
+      path: /etc/audit/auditd.conf
+      regexp: "^{{ item }}( |=)"
+      line: "{{ item }} = {{ rhel9cis_auditd_extra_conf[item] }}"
+  loop: "{{ rhel9cis_auditd_extra_conf.keys() }}"
+  notify: restart auditd
+  when:
+    - rhel9cis_auditd_extra_conf.keys() | length > 0
+  tags:
+      - level2-server
+      - level2-workstation
+      - automated
+      - patch
+      - auditd