Hi; I need filter logs to terminal name(if tty/terminal equal none, write to audit.log).
Example: -a entry,always -S execve -F tty!=none But, no use tty in filter parameter list. How this? Thank You Best Regards
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
