Merge pull request #12336 from rumch-se/rules_used_template_service_e…

…nabled_update_for_slem

Updated rules based on template service_enabled to support SLEM

controls/stig_slmicro5.yml

@@ -415,8 +415,9 @@ controls:
           SLEM 5 must be configured to prohibit or restrict the use of functions, ports,
           protocols, and/or services as defined in the Ports, Protocols, and Services Management
           (PPSM) Category Assignments List (CAL) and vulnerability assessments.
-      rules: []
-      status: pending
+      rules: 
+          - service_firewalld_enabled
+      status: automated
 
     - id: SLEM-05-252010
       levels:
@@ -1357,8 +1358,9 @@ controls:
       title:
           SLEM 5 audit records must contain information to establish what type of events
           occurred, the source of events, where events occurred, and the outcome of events.
-      rules: []
-      status: pending
+      rules: 
+          - service_auditd_enabled
+      status: automated
 
     - id: SLEM-05-653020
       levels:

linux_os/guide/auditing/service_auditd_enabled/rule.yml

@@ -30,6 +30,7 @@ identifiers:
     cce@rhel10: CCE-87955-1
     cce@sle12: CCE-83024-0
     cce@sle15: CCE-85581-7
+    cce@slmicro5: CCE-93768-0
 
 references:
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9

linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml

@@ -22,6 +22,7 @@ identifiers:
     cce@rhel10: CCE-88110-2
     cce@sle12: CCE-91466-3
     cce@sle15: CCE-85751-6
+    cce@slmicro5: CCE-93769-8
 
 references:
     cis-csc: 11,3,9

shared/references/cce-slmicro5-avail.txt

@@ -21,8 +21,6 @@ CCE-93764-9
 CCE-93765-6
 CCE-93766-4
 CCE-93767-2
-CCE-93768-0
-CCE-93769-8
 CCE-93770-6
 CCE-93771-4
 CCE-93772-2