Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Ubuntu 22.04 LTS must be configured to preserve log records from failure events.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-260588 | UBTU-22-652010 | SV-260588r991562_rule | Medium |
| Description |
|---|
| Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving operating system state information helps to facilitate operating system restart and return to the operational mode of the organization with least disruption to mission/business processes. |
| STIG | Date |
|---|---|
| Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide | 2024-05-30 |
Details
| Check Text ( C-64317r953575_chk ) |
|---|
| Verify the log service is installed properly by using the following command: $ dpkg -l | grep rsyslog ii rsyslog 8.2112.0-2ubuntu2.2 amd64 reliable system and kernel logging daemon If the "rsyslog" package is not installed, this is a finding. Check that the log service is enabled and active by using the following commands: $ systemctl is-enabled rsyslog.service enabled $ systemctl is-active rsyslog.service active If "rsyslog.service" is not enabled and active, this is a finding. |
| Fix Text (F-64225r953576_fix) |
|---|
| Install the log service by using the following command: $ sudo apt-get install rsyslog Enable and activate the log service by using the following command: $ sudo systemctl enable rsyslog.service --now |