Information
Configuration Level : Level-II
Solution
For 64 bit systems, add the following lines to the /etc/audit/audit.rules file.-a always,exit -F arch=b64 -S sethostname -S setdomainname -k system-locale
-a always,exit -F arch=b32 -S sethostname -S setdomainname -k system-locale
-w /etc/issue -p wa -k system-locale
-w /etc/issue.net -p wa -k system-locale
-w /etc/hosts -p wa -k system-locale
-w /etc/sysconfig/network -p wa -k system-locale
# Execute the following command to restart auditd
# pkill -P 1-HUP auditdFor 32 bit systems, add the following lines to the /etc/audit/audit.rules file.-a always,exit -F arch=b32 -S sethostname -S setdomainname -k system-locale
-w /etc/issue -p wa -k system-locale
-w /etc/issue.net -p wa -k system-locale
-w /etc/hosts -p wa -k system-locale
-w /etc/sysconfig/network -p wa -k system-locale
# Execute the following command to restart auditd
# pkill -P 1-HUP auditd