From 499b67ceb252ea3fea55a7bda14854412f15eb25 Mon Sep 17 00:00:00 2001 From: Mark Bolwell Date: Thu, 19 Jan 2023 14:51:30 +0000 Subject: [PATCH] Updated rsyslog server variable Signed-off-by: Mark Bolwell --- defaults/main.yml | 4 +++- tasks/section_4/cis_4.2.1.x.yml | 2 +- templates/ansible_vars_goss.yml.j2 | 10 +++++++++- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 635d8ea..b488183 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -530,12 +530,14 @@ rhel9cis_syslog: rsyslog rhel9cis_rsyslog_ansiblemanaged: true #### 4.2.1.6 remote and destation log server name -rhel9cis_remote_log_server: logagg.example.com +rhel9cis_remote_log_server: false +rhel9cis_remote_log_host: logagg.example.com rhel9cis_remote_log_port: 514 rhel9cis_remote_log_protocol: tcp rhel9cis_remote_log_retrycount: 100 rhel9cis_remote_log_queuesize: 1000 + #### 4.2.1.7 rhel9cis_system_is_log_server: false diff --git a/tasks/section_4/cis_4.2.1.x.yml b/tasks/section_4/cis_4.2.1.x.yml index 3a9cd77..d2cac93 100644 --- a/tasks/section_4/cis_4.2.1.x.yml +++ b/tasks/section_4/cis_4.2.1.x.yml @@ -165,7 +165,7 @@ state: present block: | # target can be IP or FQDN - *.* action(type="omfwd" target="{{ rhel9cis_remote_log_server }}" port="{{ rhel9cis_remote_log_port }}" protocol="{{ rhel9cis_remote_log_protocol }}" action.resumeRetryCount="{{ rhel9cis_remote_log_retrycount }}" queue.type="LinkedList" queue.size="{{ rhel9cis_remote_log_queuesize }}") + *.* action(type="omfwd" target="{{ rhel9cis_remote_log_host }}" port="{{ rhel9cis_remote_log_port }}" protocol="{{ rhel9cis_remote_log_protocol }}" action.resumeRetryCount="{{ rhel9cis_remote_log_retrycount }}" queue.type="LinkedList" queue.size="{{ rhel9cis_remote_log_queuesize }}") insertafter: EOF register: result failed_when: diff --git a/templates/ansible_vars_goss.yml.j2 b/templates/ansible_vars_goss.yml.j2 index ea288fc..be7bb00 100644 --- a/templates/ansible_vars_goss.yml.j2 
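Review bot: In the `defaults/main.yml` hunk, `rhel9cis_remote_log_server` changes from a hostname string to a boolean, and the unchanged heading (`remote and destation log server name`) no longer describes it. An inventory that still sets the old variable to a hostname would, as far as this patch shows, leave `rhel9cis_remote_log_host` at the `logagg.example.com` placeholder, which the task hunk in `tasks/section_4/cis_4.2.1.x.yml` writes into the omfwd `target=`. That host would then keep no usable remote copy of its logs. I would replace the heading with `# 4.2.1.6 - set rhel9cis_remote_log_server to true to forward logs to a remote host` and `# rhel9cis_remote_log_host: IP or FQDN of the receiving server (placeholder - must be overridden)`, assuming the boolean is meant to gate the 4.2.1.6 task, whose `when:` is not part of this patch. The extra blank line added before `#### 4.2.1.7` looks unintentional.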
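Review bot: In the `tasks/section_4/cis_4.2.1.x.yml` hunk, the new `target="{{ rhel9cis_remote_log_host }}"` goes into the rsyslog config with no check that the value is set. The task starts and ends outside the hunk, so its `when:` is not visible and it is unclear whether the now-boolean `rhel9cis_remote_log_server` actually gates this block. If the existing condition is only an `is defined` style test, the default `false` would still pass and the placeholder host would be written; that is worth confirming. Adding `- rhel9cis_remote_log_server | bool` and `- rhel9cis_remote_log_host | length > 0` to the task's conditions would skip the block when the toggle is off or the host is empty, rather than pointing forwarding at an unintended destination.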
+++ b/templates/ansible_vars_goss.yml.j2 @@ -448,8 +448,16 @@ rhel9cis_nft_tables_autochaincreate: {{ rhel9cis_nft_tables_autochaincreate }} # Section 4 -## Set if server is logserver +## Set if host is a logserver rhel9cis_remote_log_server: {{ rhel9cis_remote_log_server }} + +# Remote logserver settings +rhel9cis_remote_log_host: {{ rhel9cis_remote_log_host }} +rhel9cis_remote_log_port: {{ rhel9cis_remote_log_port }} +rhel9cis_remote_log_protocol: {{ rhel9cis_remote_log_protocol }} +rhel9cis_remote_log_retrycount: {{ rhel9cis_remote_log_retrycount }} +rhel9cis_remote_log_queuesize: {{ rhel9cis_remote_log_queuesize }} + ## syslog rhel9cis_syslog: {{ rhel9cis_syslog }}
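Review bot: The rewritten comment `## Set if host is a logserver` sits above `rhel9cis_remote_log_server`, but the defaults hunk files that variable under 4.2.1.6 (remote log server), while `rhel9cis_system_is_log_server` under 4.2.1.7 is the flag for this host being a log server. Someone reading the rendered audit vars could set the wrong one. Wording such as `## Set to true if logs are forwarded to a remote log server` would match, assuming that is the intended meaning of the boolean. Separately, the added `rhel9cis_remote_log_host: {{ rhel9cis_remote_log_host }}` renders unquoted, so an empty value becomes YAML null in the goss vars; `rhel9cis_remote_log_host: "{{ rhel9cis_remote_log_host }}"` keeps it a string.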