RHEL 9 audispd-plugins package must be installed.

STIG ID: RHEL-09-653130  |  SRG: SRG-OS-000342-GPOS-00133 |  Severity: medium |  CCI: CCI-001851 |  Vulnerability Id: V-258175 | 

Vulnerability Discussion

"audispd-plugins" provides plugins for the real-time interface to the audit subsystem, "audispd". These plugins can do things like relay events to remote machines or analyze events for suspicious behavior.

Check

Verify that RHEL 9 has the audispd-plugins package for installed with the following command:

$ sudo dnf list --installed audispd-plugins

Example output:

audispd-plugins.x86_64 3.0.7-101.el9_0.2

If the "audispd-plugins" package is not installed, this is a finding.

Fix

The audispd-plugins package can be installed with the following command:

$ sudo dnf install audispd-plugins
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.