{"description": "The operating system file integrity tool must be configured to notify designated personnel of any changes to configurations.", "rationale": "Detecting changes in the system can help avoid unintended, and negative consequences\nthat could affect the security state of the operating system", "severity": "medium", "references": {"srg": ["SRG-OS-000447-GPOS-00201", "SRG-OS-000363-GPOS-00150"], "stigid": ["UBTU-22-651020"], "stigref": ["SV-260584r958794_rule"]}, "control_references": {"stigid": ["UBTU-22-651020"]}, "components": [], "identifiers": {}, "ocil_clause": "silentreports is enabled in aide default configuration, or is missing", "ocil": "Verify that Advanced Intrusion Detection Environment (AIDE) notifies the System Administrator\nwhen anomalies in the operation of any security functions are discovered with the following command:\n<pre># grep SILENTREPORTS /etc/default/aide </pre>\n\nSILENTREPORTS=no\n\nIf SILENTREPORTS is commented out, this is a finding.\n\nIf SILENTREPORTS is set to \"yes\", this is a finding.\n\nIf SILENTREPORTS is not set to \"no\", this is a finding.", "oval_external_content": null, "fixtext": "Configure the Ubuntu 22.04 operating system to notify designated personnel if baseline configurations are changed in an unauthorized manner.\n\nModify the \"SILENTREPORTS\" parameter in the \"/etc/default/aide\" file with a value of \"no\" if it does not already exist.", "checktext": "", "vuldiscussion": "", "srg_requirement": "Ubuntu 22.04 must notify designated personnel if baseline configurations are changed in an unauthorized manner.", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": [], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Configure AIDE To Notify Personnel if Baseline Configurations Are Altered", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/software/integrity/software-integrity/aide/aide_disable_silentreports/rule.yml", "template": {"name": "key_value_pair_in_file", "vars": {"path": "/etc/default/aide", "key": "SILENTREPORTS", "value": "no", "sep": "=", "sep_regex": "="}, "backends": {}}}