Detections
Analytics
GEN003660 - The system must log authentication informational data - rsyslog.conf
Information
Monitoring and recording successful and unsuccessful logins assists in tracking unauthorized access to the system.NOTE: /etc/rsyslog.conf file is not found. Please ensure this matches policy.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Edit /etc/syslog.conf or /etc/rsyslog.conf and add local log destinations for 'authpriv.*', 'authpriv.debug' or 'authpriv.info'.See Also
http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip
Item Details
Category: AUDIT AND ACCOUNTABILITY
References: 800-53|AU-2d., CAT|II, CCI|CCI-000126, Group-ID|V-12004, Rule-ID|SV-37404r2_rule, STIG-ID|GEN003660, Vuln-ID|V-12004
Plugin: Unix
Control ID: efa6791f93ff54eef9b6f2add097e242ccee24c9c21d0bdcc98a3062fec2f625