* Latest audit file for DISA STIGS
@ 2015-05-12 13:18 James.A.Williams.ctr
2015-05-12 13:38 ` Steve Grubb
2015-05-12 13:53 ` leam hall
0 siblings, 2 replies; 3+ messages in thread
From: James.A.Williams.ctr @ 2015-05-12 13:18 UTC (permalink / raw)
To: linux-audit
Classification: UNCLASSIFIED
======================================================
Hi All,
Does anyone have a good audit file that conforms to the DISA STIG (RHEL 6)?
Please email the file or copy into email.
Thanks,
Jim
======================================================
Classification: UNCLASSIFIED
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Latest audit file for DISA STIGS
2015-05-12 13:18 Latest audit file for DISA STIGS James.A.Williams.ctr
@ 2015-05-12 13:38 ` Steve Grubb
2015-05-12 13:53 ` leam hall
1 sibling, 0 replies; 3+ messages in thread
From: Steve Grubb @ 2015-05-12 13:38 UTC (permalink / raw)
To: linux-audit; +Cc: James.A.Williams.ctr
On Tuesday, May 12, 2015 01:18:03 PM James.A.Williams.ctr@nga.mil wrote:
> Does anyone have a good audit file that conforms to the DISA STIG (RHEL
> 6)?
>
> Please email the file or copy into email.
The shipping stig.rules file is intended to satisfy the STIG. You can see a
copy here:
https://fedorahosted.org/audit/browser/trunk/contrib/stig.rules
-Steve
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Latest audit file for DISA STIGS
2015-05-12 13:18 Latest audit file for DISA STIGS James.A.Williams.ctr
2015-05-12 13:38 ` Steve Grubb
@ 2015-05-12 13:53 ` leam hall
1 sibling, 0 replies; 3+ messages in thread
From: leam hall @ 2015-05-12 13:53 UTC (permalink / raw)
To: linux-audit
[-- Attachment #1.1: Type: text/plain, Size: 977 bytes --]
Hey Jim,
I'm working on one, mostly based off Steve Grubb's recommendations. I will
share something Steve said though. The STIG has two lines for many audit
events. If I understand correctly, that will cause a performance hit. So an
automated STIG validator may fail if it follows the STIG verbatim.
https://github.com/LeamHall/SecComFrame/tree/master/tasks/audit/puppet/audit/files
Leam
On Tue, May 12, 2015 at 9:18 AM, <James.A.Williams.ctr@nga.mil> wrote:
> Classification: UNCLASSIFIED
> ======================================================
>
> Hi All,
>
> Does anyone have a good audit file that conforms to the DISA STIG (RHEL
> 6)?
>
> Please email the file or copy into email.
>
> Thanks,
> Jim
> ======================================================
> Classification: UNCLASSIFIED
>
>
> --
> Linux-audit mailing list
> Linux-audit@redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit
>
--
Mind on a Mission <http://leamhall.blogspot.com/>
[-- Attachment #1.2: Type: text/html, Size: 1716 bytes --]
[-- Attachment #2: Type: text/plain, Size: 0 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-05-12 13:53 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-05-12 13:18 Latest audit file for DISA STIGS James.A.Williams.ctr
2015-05-12 13:38 ` Steve Grubb
2015-05-12 13:53 ` leam hall
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox