STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide

V-239534

CAT II (Medium)

The system syslog service must log informational and more severe SMTP service messages.

Rule ID

SV-239534r662053_rule

STIG

VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-000382

Discussion

If informational and more severe SMTP service messages are not logged, malicious activity on the system may go unnoticed.

Check Content

Check the "/etc/syslog-ng/syslog-ng.conf" file for the following log entries:

filter f_mailinfo { level(info) and facility(mail); };
filter f_mailwarn { level(warn) and facility(mail); };
filter f_mailerr { level(err, crit) and facility(mail); };
filter f_mail { facility(mail); };

If any of the above log entries are present, this is not a finding.

Fix Text

Edit the "/etc/syslog-ng/syslog-ng.conf" file and add the following log entries:

filter f_mailinfo { level(info) and facility(mail); };
filter f_mailwarn { level(warn) and facility(mail); };
filter f_mailerr { level(err, crit) and facility(mail); };
filter f_mail { facility(mail); };

destination mailinfo { file("/var/log/mail.info"); };
log { source(src); filter(f_mailinfo); destination(mailinfo); };

destination mailwarn { file("/var/log/mail.warn"); };
log { source(src); filter(f_mailwarn); destination(mailwarn); };

destination mailerr { file("/var/log/mail.err" fsync(yes)); };
log { source(src); filter(f_mailerr); destination(mailerr); };