Amazon Linux 2023 audispd-plugins package must be installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-274019 | AZLX-23-001035 | SV-274019r1120045_rule | CCI-001851 | medium |
| Description | ||||
| The "audispd-plugins" package provides plugins for the real-time interface to the audit subsystem, "audispd". These plugins can, for example, relay events to remote machines or analyze events for suspicious behavior. | ||||
| STIG | Date | |||
| Amazon Linux 2023 Security Technical Implementation Guide | 2026-02-27 | |||
Details
Check Text (C-274019r1120045_chk)
Verify Amazon Linux 2023 has the audispd-plugins package installed with the following command:
$ sudo dnf list --installed audispd-plugins
Installed Packages
audispd-plugins.x86_64 3.0.6-1.amzn2023.0.2 @amazonlinux
If the "audispd-plugins" package is not installed, this is a finding.
Fix Text (F-78015r1120044_fix)
Configure Amazon Linux 2023 to have the audispd-plugins package installed.
Install the audispd-plugins package with the following command:
$ sudo dnf install -y audispd-plugins