Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”
Sign in
Sign in
or
Create a new account
About
Categories
Delivery Methods
Solutions
Resources
 Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Great Image but audit rules

  • By Great Image - Fix the Audit rules
  • on 05/26/2023

This is a great image which has different filesystems for /var/log/ /var/log/audit /home and /tmp. When we tried to deploy the Redhat image and apply stigs, we found the audit and messages filesystems were overloading the kernel and the IO from those precluded the image from running in a healthy stage. Using this CIS image with the CAT II STIGs, made it perfect.

However, CIS is sloppy in apply the audit rules on this image. Out of the box we found that there exists a audit.rules and CIS.rules file that contain duplicate entries that error on the OS and with security agents that use the rules. This is just sloppy and should be addressed by CIS

Leave a Comment

There are no comments to display