Skip to content

logging_services_active: add syslog-ng as a recognized logging service#14777

Open
israel-villar wants to merge 1 commit into
ComplianceAsCode:masterfrom
israel-villar:feat/logging-syslogng-support
Open

logging_services_active: add syslog-ng as a recognized logging service#14777
israel-villar wants to merge 1 commit into
ComplianceAsCode:masterfrom
israel-villar:feat/logging-syslogng-support

Conversation

@israel-villar

@israel-villar israel-villar commented Jun 5, 2026

Copy link
Copy Markdown
Contributor

The OVAL check and description only listed rsyslog and systemd-journald. Add syslog-ng to the unit pattern so the rule passes on systems that use syslog-ng as their primary logging daemon (e.g. Debian 13 CIS profile).

Description:

  • Add syslog-ng to the systemd unit pattern in the logging_services_active
    OVAL check and to the example command in the rule description.

  • Previously the rule only recognized rsyslog and systemd-journald as
    valid active logging services. Systems that use syslog-ng as their primary
    logging daemon (e.g. Debian 13 with the CIS profile) would fail this check
    even when a logging service is correctly active.

Rationale:

  • syslog-ng is a widely-used alternative to rsyslog. The rule intent is
    "at least one logging service is active", so syslog-ng should be included
    alongside rsyslog and systemd-journald.

Review Hints:

  • Two-line change: one in the OVAL unit pattern, one in the description example.

@israel-villar @claude
logging_services_active: add syslog-ng as a recognized logging service
650381d 
The OVAL check and description only listed rsyslog and systemd-journald.
Add syslog-ng to the unit pattern so the rule passes on systems that use
syslog-ng as their primary logging daemon (e.g. Debian 13 CIS profile).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@openshift-ci openshift-ci Bot added the needs-ok-to-test Used by openshift-ci bot. label Jun 5, 2026
@openshift-ci

openshift-ci Bot commented Jun 5, 2026

Copy link
Copy Markdown

Hi @israel-villar. Thanks for your PR.

I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@jan-cerny jan-cerny self-assigned this Jun 8, 2026
@jan-cerny jan-cerny added the Debian Debian product related. label Jun 8, 2026
@jan-cerny jan-cerny added this to the 0.1.82 milestone Jun 8, 2026
@github-actions

github-actions Bot commented Jun 8, 2026

Copy link
Copy Markdown

This datastream diff is auto generated by the check Compare DS/Generate Diff

Click here to see the full diff 
New content has different text for rule 'xccdf_org.ssgproject.content_rule_logging_services_active'.
--- xccdf_org.ssgproject.content_rule_logging_services_active
+++ xccdf_org.ssgproject.content_rule_logging_services_active
@@ -5,7 +5,7 @@
 [description]:
 Ensure that a logging system is active and in use.
 
-systemctl is-active rsyslog systemd-journald
+systemctl is-active rsyslog syslog-ng systemd-journald
 
 The command should return at least one active.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@jan-cerny jan-cerny

Labels

Debian Debian product related. needs-ok-to-test Used by openshift-ci bot.

Projects

None yet

Milestone

0.1.82

Development

Successfully merging this pull request may close these issues.

2 participants

@israel-villar @jan-cerny