I have a new VM running RH 6 server. I put some audit.rules in place, and now I notice that I am getting 11 MB of audit log entries every half hour. This server has no users or services running. I am trying to use audit-viewer to determine which of my rules is creating so much log traffic, but I don't understand the output enough to be able to tell. The version of audit is 2.0.4-1 (64 bit).
Is this the correct forum to ask this question? If so, I can provide the audit rules and some of the logs.

---
Bill Tangren
IAM
U.S. Naval Observatory, Washington
--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
