Running the hardening script on the Console

To help secure the system, you must run hardening scripts on the IBM® QRadar® Console.

Before you begin

Before you run the hardening script, verify that the stiguser can log in remotely.

Procedure

  1. Go to the STIG directory by typing the following command:

    cd /opt/qradar/util/stig/bin

  2. Run the STIG hardening script by typing the following command:

    ./stig_harden.sh -h

    Type yes at the following prompt: Do you want to continue (yes/no)?

    Note: You must run the script only once.
  3. Restart the QRadar appliance.
    Note: Remote login as root has been disabled. You must login as root from the console.
  4. While you are logged in as an administrator, verify that the stiguser can log in remotely at the same time that you (as administrator) are logged in as a root user.

    If you are hardening a managed host, change the root user's password to meet the password requirements. Ensure that the root authentication works locally.

What to do next

Edit the QRadar configuration.