In the event of a system failure, RHEL 10 must preserve any information necessary to determine cause of failure and return to operations with least disruption to system processes.
Check
Verify RHEL 10 enables the systemd-journald service with the following command:
$ systemctl is-active systemd-journald active
If the systemd-journald service is not active, this is a finding.
Fix
Configure RHEL 10 to enable the systemd-journald service.
To enable the systemd-journald service, run the following command: