4.2.1.3 Ensure rsyslog default file permissions configured

Information

It is important to ensure that log files have the correct permissions to ensure that sensitive
data is archived and protected.

Solution

Edit the /etc/rsyslog.conf and set $FileCreateMode to 0640 or more restrictive - $FileCreateMode 0640

See Also

https://workbench.cisecurity.org/files/1863

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-9, 800-53|AU-9(2), CSCv6|5.1

Plugin: Unix

Control ID: ac1197f90b188e77e9938bc9eaaa6b4c95cd5380b023aeed59476e43f641dbf9