Does anyone have a syslog-ng.conf file for a QRadar console that is configured for STIG that can be shared.
The syslog-ng.conf file must be configured for the following STIG requirements:
V-204511-The Red Hat Enterprise Linux operating system must be configured so that the audit system takes
appropriate action when the audit storage volume is full.
V-204509 -The Red Hat Enterprise Linux operating system must offload audit records onto a different system or
media from the system being audited.
V-204574-The Red Hat Enterprise Linux operating system must send rsyslog output to a log aggregation server.
Thanks in advance
------------------------------
Corine Ross
------------------------------