Vulnerability Discussion

The "rsyslog" service must be running to provide logging services, which are essential to system administration.

Check

Verify that "rsyslog" is active with the following command:

$ systemctl status rsyslog
rsyslog.service - System Logging Service
Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; preset: enabled)
Active: active (running) since Mon 2024-03-04 10:10:08 UTC; 3h 20min ago

If the rsyslog service is not active, this is a finding.

Fix

To enable the rsyslog service, run the following command:

$ systemctl enable --now rsyslog