Move rules from base profile to control file definition

Author: teacup-on-rockingchair

products/sle16/controls/base_sle16.yml

@@ -9,5 +9,6 @@ reference_type: suse-base-sle16
 levels:
     - id: pcidss4
     - id: anssi_minimal
+    - id: hipaa
 
 product: sle16

products/sle16/controls/base_sle16/0500_audit.yml

@@ -0,0 +1,32 @@
+#
+# A group of rules regarding audit operating system functionality
+#
+# SLES-16 ids allocated for this group from SLES-16-16016500 till SLES-16-16016699
+#
+
+controls:
+    - id: SLES-16-16016500
+      levels:
+          - hipaa
+      title: Enable the selinuxuser_execmod SELinux Boolean in SLE16
+      rules:
+          - sebool_selinuxuser_execmod
+      status: automated
+
+    - id: SLES-16-16016505
+      levels:
+          - hipaa
+      title: Enable service for audit logs in SLE16
+      rules:
+          - service_auditd_enabled
+      status: automated
+
+    - id: SLES-16-16016510
+      levels:
+          - hipaa
+      title: Enable remote logging functionality in SLE16
+      rules:
+          - rsyslog_remote_loghost
+      status: automated
+
+

products/sle16/profiles/base.profile

@@ -17,6 +17,3 @@ description: |-
 
 selections:
     - base_sle16:all
-    - sebool_selinuxuser_execmod
-    - rsyslog_remote_loghost
-    - service_auditd_enabled