4e8bf6705f
- Removing extra space _ Fixing some typos Change-Id: Ib4f86c7a29074ce0150a3cd55478ed94f2d62c43
564 B
564 B
---id: RHEL-07-030331 status: opt-in tag: auditd ---
The audispd daemon transmits audit logs without
encryption by default. The STIG requires that these logs are encrypted
while they are transferred across the network. The encryption is
controlled by the enable_krb5 option in
/etc/audisp/audisp-remote.conf.
Deployers can opt-in for encrypted audit log transmission by setting the following Ansible variable:
security_audisp_enable_krb5: yesWarning
Only enable this setting if kerberos is already configured.