Giter VIP home page Giter VIP logo

Comments (5)

dodys avatar dodys commented on June 12, 2024

we don't yet support CIS v2.0.0 as you can see here:
https://github.com/ComplianceAsCode/content/blob/master/products/ubuntu2204/profiles/cis_level2_server.profile

from content.

dodys avatar dodys commented on June 12, 2024

I believe that as a short solution, you could just send a PR removing audit_rules_login_events_tallylog from both cis_level2_server and cis_level2_workstation profiles, as well removing from audit_rules_login_events_tallylog rules.yml any mentions of ubuntu 22.04. That seems to be some leftover from 20.04 when the profile was first created

from content.

marcofortina avatar marcofortina commented on June 12, 2024

we don't yet support CIS v2.0.0 as you can see here: https://github.com/ComplianceAsCode/content/blob/master/products/ubuntu2204/profiles/cis_level2_server.profile

Same issue is present also using CIS v1.0.0

4.1.3.12 Ensure login and logout events are collected - Page 492

from content.

marcofortina avatar marcofortina commented on June 12, 2024

I believe that as a short solution, you could just send a PR removing audit_rules_login_events_tallylog from both cis_level2_server and cis_level2_workstation profiles, as well removing from audit_rules_login_events_tallylog rules.yml any mentions of ubuntu 22.04. That seems to be some leftover from 20.04 when the profile was first created

Changes for tallylog is ready. I need only to commit and create a PR.

What about /var/log/faillog ?

from content.

dodys avatar dodys commented on June 12, 2024

I believe that as a short solution, you could just send a PR removing audit_rules_login_events_tallylog from both cis_level2_server and cis_level2_workstation profiles, as well removing from audit_rules_login_events_tallylog rules.yml any mentions of ubuntu 22.04. That seems to be some leftover from 20.04 when the profile was first created

Changes for tallylog is ready. I need only to commit and create a PR.

What about /var/log/faillog ?

You should replace audit_rules_login_events_faillog with audit_rules_login_events_faillock

Just a reminder to move the ids from one rule.yml to the other.

from content.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.