RHEL 10 must have the rsyslog service set to active.

STIG ID: RHEL-10-200641  |  SRG: SRG-OS-000040-GPOS-00018 |  Severity: medium (CAT II)  |  CCI: CCI-000133 |  Vulnerability Id: V-280984

Vulnerability Discussion

The rsyslog service must be running to provide logging services, which are essential to system administration.

Check

Verify RHEL 10 rsyslog is active with the following command:

$ systemctl is-active rsyslog
active

If the rsyslog service is not active, this is a finding.

Fix

Configure RHEL 10 to enable the rsyslog service with the following command:

$ sudo systemctl enable --now rsyslog
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.