--- - name: "6.2.2.1.1 | PATCH | Ensure systemd-journal-remote is installed" when: - rhel9cis_rule_6_2_2_1_1 - not rhel9cis_system_is_log_server tags: - level1-server - level1-workstation - patch - journald - rule_6.2.2.1.1 - NIST800-53R5_AU-2 - NIST800-53R5_AU-7 - NIST800-53R5_AU-12 ansible.builtin.package: name: systemd-journal-remote state: present - name: "6.2.2.1.2 | PATCH | Ensure systemd-journal-upload authentication is configured" when: - rhel9cis_rule_6_2_2_1_2 - not rhel9cis_system_is_log_server tags: - level1-server - level1-workstation - patch - journald - rule_6.2.2.1.2 - NIST800-53R5_AU-2 - NIST800-53R5_AU-12 notify: Restart journald ansible.builtin.lineinfile: path: /etc/systemd/journal-upload.conf regexp: "{{ item.regexp }}" line: "{{ item.line }}" loop: - { regexp: 'URL=', line: 'URL={{ rhel9cis_journal_upload_url }}'} - { regexp: 'ServerKeyFile=', line: 'ServerKeyFile={{ rhel9cis_journal_upload_serverkeyfile }}'} - { regexp: 'ServerCertificateFile=', line: 'ServerCertificateFile={{ rhel9cis_journal_servercertificatefile }}'} - { regexp: 'TrustedCertificateFile=', line: 'TrustedCertificateFile={{ rhel9cis_journal_trustedcertificatefile }}'} - name: "6.2.2.1.3 | PATCH | Ensure systemd-journal-upload is enabled and active" when: - not rhel9cis_system_is_log_server - rhel9cis_rule_6_2_2_1_3 tags: - level1-server - level1-workstation - patch - journald - rule_6.2.2.1.3 - NIST800-53R5_AU-2 - NIST800-53R5_AU-12 ansible.builtin.systemd: name: systemd-journal-upload masked: false enabled: true - name: "6.2.2.1.4 | PATCH | Ensure systemd-journal-remote service is not in use" when: - not rhel9cis_system_is_log_server - rhel9cis_rule_6_2_2_1_4 tags: - level1-server - level1-workstation - patch - journald - rule_6.2.2.1.4 - NIST800-53R5_AU-2 - NIST800-53R5_AU-7 - NIST800-53R5_AU-12 ansible.builtin.systemd: name: "{{ item }}" state: stopped enabled: false masked: true loop: - systemd-journal-remote.socket - systemd-journal-remote.service