AlmaLinux OS 9 must have the packages required for encrypting offloaded audit logs installed.

STIG ID: ALMA-09-039620  |  SRG: SRG-OS-000120-GPOS-00061 |  Severity: medium |  CCI: CCI-000803 |  Vulnerability Id: V-269416

Vulnerability Discussion

The rsyslog-gnutls package provides Transport Layer Security (TLS) support for the rsyslog daemon, which enables secure remote logging.

Check

Verify that the rsyslog-gnutls package is installed with the following command:

$ dnf list --installed rsyslog-gnutls

rsyslog-gnutls.x86_64 8.2102.0-111.el9 @AppStream

If the "rsyslog-gnutls" package is not installed, this is a finding.

Fix

Install the rsyslog-gnutls package with the following command:

$ dnf install rsyslog-gnutls
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.