CCE-94245-8Platform: rhel8 | Date: (C)2019-11-07 (M)2022-10-10 |
Enable auditd Service
The 'auditd' service is an essential userspace component of
the Linux Auditing System, as it is responsible for writing audit records to
disk.
The 'auditd' service can be enabled with the following command:
'$ sudo systemctl enable auditd'
Parameter:
Technical Mechanism:
Ensuring the 'auditd' service is active ensures
audit records generated by the kernel can be written to disk, or that appropriate
actions will be taken if other obstacles exist.
Fix:
#
# Enable auditd.service for all systemd targets
#
systemctl enable auditd.service
#
# Start auditd.service if not currently running
#
systemctl start auditd.service
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: