Sort of a followup question. I'm surprised adding "audit.none" to the "/var/log/messages" line of rsyslog.conf (RHEL 6) works. I didn't think audit was a full "facility" in whatever rsyslog looks at. Am I more confused than normal?
Thanks! Leam On Tue, Oct 4, 2016 at 10:36 AM, Steve Grubb <[email protected]> wrote: > On Tuesday, October 4, 2016 10:10:31 AM EDT leam hall wrote: > > For /etc/audisp/plugins.d/syslog.conf, is "LOG_WARN" an accpeted arg, or > > does it need to be "LOG_WARNING"? > > LOG_WARNING. > > https://fedorahosted.org/audit/browser/trunk/audisp/ > audispd-builtins.c#L279 > > -Steve > -- Mind on a Mission <http://leamhall.blogspot.com/>
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
