Skip to content

6.1.2.1.4 Ensure systemd-journal-remote service is not in use

Audit#

Run the following command to verify systemd-journal-remote.socket and systemd-journal-remote.service are not enabled: 

# systemctl is-enabled systemd-journal-remote.socket systemd-journal-remote.service | grep -P -- '^enabled'
Nothing should be returned

Run the following command to verify systemd-journal-remote.socket and systemd-journal-remote.service are not active: 

# systemctl is-active systemd-journal-remote.socket systemd-journal-remote.service | grep -P -- '^active'
Nothing should be returned

Remediation#

Run the following commands to stop and mask systemd-journal-remote.socket and systemd-journal-remote.service: 

# systemctl stop systemd-journal-remote.socket systemd-journal-remote.service
# systemctl mask systemd-journal-remote.socket systemd-journal-remote.service