A security policy requires that authentication-related messages of warning severity or higher be forwarded to a central collector at 192.168.1.50 over TCP port 514, while preventing those messages from being written to any local log file. Which rsyslog rule fragment, placed in /etc/rsyslog.d/secure-forward.conf, meets the requirement?
The selector "authpriv.warning" matches the authpriv facility at priority warning and all higher priorities. Prepending two at-signs ("@@") to the destination host tells rsyslog to use plain TCP on port 514. Placing a second action line that begins with an ampersand and the keyword stop immediately after the forwarding action discards the message, so it is not processed by subsequent rules and therefore is not written to local log files. The other choices fail because: one uses UDP (single @), one excludes the required severities with "!warning", and one omits the stop/discard action, letting the messages continue to local files.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between '@' and '@@' in rsyslog configuration?
Open an interactive chat with Bash
What is the purpose of the '& stop' in the rsyslog rule?
Open an interactive chat with Bash
What does 'authpriv.warning' signify in the rsyslog rule?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access