Add Ansible remediation for directory_ownership_var_log_audit

ComplianceAsCode · Aug 22, 2023 · 2e0d83d · 2e0d83d
1 parent 2ea9497
commit 2e0d83d
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/...stem/auditing/auditd_configure_rules/directory_ownership_var_log_audit/ansible/shared.yml b/...stem/auditing/auditd_configure_rules/directory_ownership_var_log_audit/ansible/shared.yml
@@ -0,0 +1,11 @@
+# platform = multi_platform_all
+
+- name: '{{{ rule_title }}} - Register Audit Config'
+  ansible.builtin.slurp:
+    src: /etc/audit/auditd.conf
+  register: auditd_config
+q
+- name: '{{{ rule_title }}} - Set Permissions'
+  ansible.builtin.file:
+    owner: root
+    path: "{{ auditd_config['content'] | b64decode | regex_findall('^log_file = (.+)') | first | default('/var/log/audit') }}"