{"description": "Arbitrary changes to the system time can be used to obfuscate\nnefarious activities in log files, as well as to confuse network services that\nare highly dependent upon an accurate system time. All changes to the system\ntime should be audited.", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": {}, "rules": ["audit_rules_time_adjtimex", "audit_rules_time_clock_settime", "audit_rules_time_settimeofday", "audit_rules_time_stime", "audit_rules_time_watch_localtime"], "platform": "", "platforms": [], "inherited_platforms": ["system_with_kernel", "package[audit]"], "cpe_platform_names": [], "title": "Records Events that Modify Date and Time Information", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/group.yml"}