diff --git a/core/mondoo-linux-security.mql.yaml b/core/mondoo-linux-security.mql.yaml
index 11a10c3b..3a86f3ce 100644
--- a/core/mondoo-linux-security.mql.yaml
+++ b/core/mondoo-linux-security.mql.yaml
@@ -1251,6 +1251,12 @@ queries:
 ```
 max_log_file =
 ```
+
+ Restart the service to load the new configuration values:
+
+ ```
+ service auditd reload
+ ```
 - uid: mondoo-linux-security-audit-logs-are-not-automatically-deleted
 title: Ensure audit logs are not automatically deleted
 impact: 40
@@ -1268,6 +1274,12 @@ queries:
 ```
 max_log_file_action = keep_logs
 ```
+
+ Restart the service to load the new configuration values:
+
+ ```
+ service auditd reload
+ ```
 - uid: mondoo-linux-security-system-is-disabled-when-audit-logs-are-full
 title: Ensure system is disabled when audit logs are full
 impact: 40
@@ -1293,6 +1305,12 @@ queries:
 action_mail_acct = root
 admin_space_left_action = halt
 ```
+
+ Restart the service to load the new configuration values:
+
+ ```
+ service auditd reload
+ ```
 - uid: mondoo-linux-security-changes-to-system-administration-scope-sudoers-is-collected
 title: Ensure changes to system administration scope (sudoers) is collected
 impact: 50
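Review bot: The added sentence says "Restart the service" while the command beneath it is `service auditd reload`, so the prose and the command disagree. This applies to the first hunk (max_log_file) and identically to the hunks for max_log_file_action and admin_space_left_action. Reload looks like the right action for these controls, since a full restart would presumably leave a gap in audit collection while the daemon is down. The sentence would read better as `Reload the audit daemon to apply the new configuration values:`. A short follow-up line asking the reader to confirm that the daemon is still running and the check passes after the reload would catch a typo in auditd.conf that leaves the old values in force. The query entries these remediation blocks belong to start outside the hunks, so it is not visible here whether the text should also say that the `service` wrapper is assumed to be present on the target host.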