OVALFileLinker from SCAP Security Guide ssg: [0, 1, 80], python: 3.10.12 5.11.2 2025-11-24T17:59:05 System Audit Logs Must Be Owned By Root Ubuntu 22.04 Checks that all audit log files are owned by the root user. 'log_file' Not Set In /etc/audit/auditd.conf Ubuntu 22.04 Verify 'log_file' is not set in /etc/audit/auditd.conf. oval:ssg-state_owner_not_root_var_log_audit:ste:1 /var/log/audit ^.*$ oval:ssg-state_owner_not_root_var_log_audit:ste:1 /etc/audit/auditd.conf ^(log_file\s*=\s*.*)$ 1 0