Also, how can I filter out root and sudo account entries, displaying everyone else in audit?
Thanks. Scott _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Whenever I review audit logs, it is difficult for me to determine if an
account was logged in at an usual day/time because there is no timestamp
next to any entry, at least as I interpret the format. How, then do I
properly and successfully review the audit log entries based on a
date/time stamp?
- [CentOS] Interpreting audit logs? Scott Ehrlich
- Re: [CentOS] Interpreting audit logs? Johnny Hughes
