{"description": "The <tt>logrotate</tt> utility allows for the automatic rotation of\nlog files.  The frequency of rotation is specified in <tt>/etc/logrotate.conf</tt>,\nwhich triggers a cron task or a timer.  To configure logrotate to run daily, add or correct\nthe following line in <tt>/etc/logrotate.conf</tt>:\n<pre># rotate log files <i>frequency</i>\ndaily</pre>", "rationale": "Log files that are not properly rotated run the risk of growing so large\nthat they fill up the /var/log partition. Valuable logging information could be lost\nif the /var/log partition becomes full.", "severity": "medium", "references": {"cis-csc": ["1", "14", "15", "16", "3", "5", "6"], "cobit5": ["APO11.04", "BAI03.05", "DSS05.04", "DSS05.07", "MEA02.01"], "isa-62443-2009": ["4.3.3.3.9", "4.3.3.5.8", "4.3.4.4.7", "4.4.2.1", "4.4.2.2", "4.4.2.4"], "isa-62443-2013": ["SR 2.10", "SR 2.11", "SR 2.12", "SR 2.8", "SR 2.9"], "iso27001-2013": ["A.12.4.1", "A.12.4.2", "A.12.4.3", "A.12.4.4", "A.12.7.1"], "nist": ["CM-6(a)"], "nist-csf": ["PR.PT-1"], "pcidss": ["Req-10.7"], "anssi": ["R71"]}, "control_references": {"anssi": ["R71"]}, "components": [], "identifiers": {}, "ocil_clause": "logrotate is not configured to run daily", "ocil": "To determine the status and frequency of logrotate, run the following command:\n<pre>$ sudo grep logrotate /var/log/cron*</pre>\nIf logrotate is configured properly, output should include references to\n<tt>/etc/cron.daily</tt>.", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "package[logrotate]", "platforms": ["package[logrotate]"], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": ["package_logrotate"], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Ensure Logrotate Runs Periodically", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/rule.yml", "template": null}