Hey Jim,

I'm working on one, mostly based off Steve Grubb's recommendations. I will share something Steve said though. The STIG has two lines for many audit events. If I understand correctly, that will cause a performance hit. So an automated STIG validator may fail if it follows the STIG verbatim.

https://github.com/LeamHall/SecComFrame/tree/master/tasks/audit/puppet/audit/files

Leam

On Tue, May 12, 2015 at 9:18 AM, <James.A.Williams.ctr@nga.mil> wrote:

Classification: UNCLASSIFIED
======================================================

Hi All,

Does anyone have a good audit file that conforms to the DISA STIG (RHEL 6)?

Please email the file or copy into email.

Thanks,
Jim
======================================================
Classification: UNCLASSIFIED

--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit

Mind on a Mission