Amazon Linux 2023 audispd-plugins package must be installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-274019 | AZLX-23-001035 | SV-274019r1120045_rule | CCI-001851 | medium |
| Description | ||||
| The "audispd-plugins" package provides plugins for the real-time interface to the audit subsystem, "audispd". These plugins can, for example, relay events to remote machines or analyze events for suspicious behavior. | ||||
| STIG | Date | |||
| Amazon Linux 2023 Security Technical Implementation Guide | 2026-02-27 | |||
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
AU-4(1)
1.00
- DISA · V1R3 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-001851
1.00
- DISA · V1R3 · disa_xccdf · related
Details
Check Text (C-274019r1120045_chk)
Verify Amazon Linux 2023 has the audispd-plugins package installed with the following command:
$ sudo dnf list --installed audispd-plugins
Installed Packages
audispd-plugins.x86_64 3.0.6-1.amzn2023.0.2 @amazonlinux
If the "audispd-plugins" package is not installed, this is a finding.
Fix Text (F-78015r1120044_fix)
Configure Amazon Linux 2023 to have the audispd-plugins package installed.
Install the audispd-plugins package with the following command:
$ sudo dnf install -y audispd-plugins