football/chroot-overlay/etc/audit/rules.d
Charles N Wyble d9eb08c9fd feat: implement comprehensive auditing and logging for compliance
- Add CIS audit rules for system events monitoring
- Configure rsyslog for centralized security logging
- Implement logrotate for 365-day retention
- Add AIDE file integrity monitoring configuration

Audit Rules Coverage:
- System calls monitoring
- Privileged command execution
- File access and modification
- User/group information changes
- Network configuration changes
- Cron and service management
- Login and session events

Logging Features:
- Separate logs for security, admin, access, change events
- Rate limiting to prevent log flooding
- RFC 5424 format compliance
- Secure file permissions (0640)

File Integrity Monitoring:
- AIDE daily integrity checks
- Monitor critical system files and directories
- Exclude volatile filesystems (/proc, /sys, /tmp)
- Automated integrity verification

Compliance:
- CIS Benchmark 4.1: Audit and Accountability
- CMMC Level 3: AU domain (Audit and Accountability)
- FedRAMP Moderate: AU controls

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-01-13 13:13:09 -05:00