1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
documentation_complete: true
title: 'Ensure the default plugins for the audit dispatcher are Installed'
description: 'The audit-audispd-plugins package should be installed.'
rationale: 'Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.'
severity: medium
identifiers:
cce@rhel9: CCE-89457-6
cce@sle12: CCE-83033-1
cce@sle15: CCE-85613-8
cce@slmicro5: CCE-94096-5
cce@slmicro6: CCE-94707-7
ocil_clause: 'the package is not installed'
references:
hipaa: 164.308(a)(1)(ii)(D),164.308(a)(5)(ii)(C),164.310(a)(2)(iv),164.310(d)(2)(iii),164.312(b)
nist@sle12: AU-4(1)
pcidss: Req-10.5.3
srg: SRG-OS-000342-GPOS-00133
stigid@sle12: SLES-12-020070
stigid@sle15: SLES-15-030670
template:
name: package_installed
vars:
pkgname: audit-audispd-plugins
pkgname@ubuntu2204: audispd-plugins
pkgname@ubuntu2404: audispd-plugins
pkgname@debian12: audispd-plugins
pkgname@debian13: audispd-plugins
{{% if 'rhel' in product %}}
warnings:
- general:
This package is not available in {{{ full_name }}} [{{{ product }}}]. The correct package
is called <pre>audispd-plugins</pre>.
{{% endif %}}
|
