RHEL 9 must have the packages required for encrypting offloaded audit logs installed.

STIG ID: RHEL-09-652015  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium |  CCI: CCI-000366,CCI-000803 |  Vulnerability Id: V-258141 | 

Vulnerability Discussion

The rsyslog-gnutls package provides Transport Layer Security (TLS) support for the rsyslog daemon, which enables secure remote logging.

Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061

Check

Verify that RHEL 9 has the rsyslog-gnutls package installed with the following command:

$ sudo dnf list --installed rsyslog-gnutls

Example output:

rsyslog-gnutls.x86_64 8.2102.0-101.el9_0.1

If the "rsyslog-gnutls" package is not installed, this is a finding.

Fix

The rsyslog-gnutls package can be installed with the following command:

$ sudo dnf install rsyslog-gnutls
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.