Add checks for remote syslog [+Docs]

This patch adds a check for remote syslog configurations.

Documentation is included.

Implements: blueprint security-rhel7-stig
Change-Id: I3e05aa30c0d1d838a7f604c6ca7cce27a4d0e86a

doc/metadata/rhel7/RHEL-07-030770.rst

@@ -1,7 +1,10 @@
 ---
 id: RHEL-07-030770
-status: not implemented
+status: verification only
 tag: misc
 ---
 
-This STIG requirement is not yet implemented.
+The tasks in the security role check for uncommented lines in the rsyslog
+configuration that contain ``@`` or ``@@``, which signifies that a remote
+logging configuration is in place. If these lines are not found, a warning
+message is printed in the Ansible output.

tasks/rhel7stig/misc.yml

@@ -105,6 +105,26 @@
     - misc
     - RHEL-07-021270
 
+- name: Check if syslog output is being sent to another server
+  command: 'grep "^[^#].*@" /etc/rsyslog.conf'
+  register: rsyslog_transmit_check
+  changed_when: False
+  failed_when: False
+  check_mode: no
+  tags:
+    - always
+
+- name: RHEL-07-030770 - The system must send rsyslog output to a log aggregation server.
+  debug:
+    msg: Output from syslog must be sent to another server.
+  when:
+    - rsyslog_transmit_check is defined
+    - rsyslog_transmit_check.rc != 0
+  tags:
+    - medium
+    - misc
+    - RHEL-07-030770
+
 - name: Check if ClamAV is installed
   stat:
     path: /usr/bin/clamdscan