Lynis Controls - Accounting



Security Controls

[ACCT-2754] FreeBSD process accounting Category  
Process accounting is a method to track system resources. It includes a way to monitor system resources and how these resources are used for the users on the system. On FreeBSD accounting can be enabled to track these resources. Accounting
Cfengine Chef Shell script Puppet Effort Risk
    tick  
1 2 3 4 5
1 2 3 4 5

[ACCT-9622] Linux process accounting Category  
Process accounting is a method to track system resources. It includes a way to monitor system resources and how these resources are used for the users on the system. On Linux systems, process accounting can be enabled to track these resources. Accounting
Cfengine Chef Shell script Puppet Effort Risk
    tick  
1 2 3 4 5
1 2 3 4 5

[ACCT-9626] Sysstat accounting data Category  
Sysstat collects system information Accounting
Cfengine Chef Shell script Puppet Effort Risk
    tick  
1 2 3 4 5
1 2 3 4 5

[ACCT-9628] Audit daemon status Category  
For Linux systems the Linux audit daemon can audit files and processes. This control checks for the status of the audit daemon. Suspicious changes or activities will trigger an event to be logged by the audit daemon. Accounting
Cfengine Chef Shell script Puppet Effort Risk
       
1 2 3 4 5
1 2 3 4 5

[ACCT-9630] Empty Linux audit daemon ruleset Category  
This control checks for an empty ruleset of the Linux audit daemon. Accounting
Cfengine Chef Shell script Puppet Effort Risk
    tick  
1 2 3 4 5
1 2 3 4 5

[ACCT-9632] Auditd configuration file location Category  
The Linux audit framework consists of an audit daemon (auditd), utilities, audit rules and a configuration file for the daemon. This file (auditd.conf) is generally located in the /etc/audit directory or similar. Lynis tries to determine where this file is located. If this control shows up, the location could not be discovered. This is unusual, as the binaries of the framework are present and the audit daemon is running. Accounting
Cfengine Chef Shell script Puppet Effort Risk
    tick  
1 2 3 4 5
1 2 3 4 5

[ACCT-9636] Linux audit trail (Snoopy) Category  
This control checks if the Snoopy library can be found, which is a wrapper around execve() and logger. By implementing Snoopy an audit trail can be created by logging all executed commands. Accounting
Cfengine Chef Shell script Puppet Effort Risk
    tick  
1 2 3 4 5
1 2 3 4 5