Puppet Class: cis_security_hardening::rules::rsyslog_installed

Defined in:
manifests/rules/rsyslog_installed.pp

Summary

Ensure rsyslog or syslog-ng is installed

Overview

The rsyslog and syslog-ng software are recommended replacements to the original syslogd daemon which provide improvements over syslogd , such as connection-oriented (i.e. TCP) transmission of logs, the option to log to database formats, and the encryption of log data en route to a central logging server.

Rationale: The security enhancements of rsyslog and syslog-ng such as connection-oriented (i.e. TCP) transmission of logs, the option to log to database formats, and the encryption of log data en route to a central logging server) justify installing and configuring the package.

Examples:

class 'cis_security_hardening::rules::rsyslog_installed' {
    enforce => true,
}

Parameters:

  • enforce (Boolean) (defaults to: false)

    Enforce the rule



22
23
24
25
26
27
28
29
30
 
# File 'manifests/rules/rsyslog_installed.pp', line 22

class cis_security_hardening::rules::rsyslog_installed (
  Boolean $enforce = false,
) {
  if $enforce {
    ensure_packages(['rsyslog'], {
        ensure => installed,
    })
  }
}