hello, you can easily do an encrypted /var/log/auditlog partition and save the logs there
Am 26. November 2018 19:37:36 MEZ schrieb Richard Guy Briggs <[email protected]>: >On 2018-11-24 17:37, Ranran wrote: >> Hello, >> >> Is there a way to encrypt the auditd logs which are saved to disk? >> The system need to save logs from local into disk (not a remote >> connection), but it should be saved encryped. Is there a way to do >it? > >The easy answer is that any system that is configured to use full disk >encryption (LUKS is the default one on many distros.) will give you >that >automatically. > >You have not provided more detail to know if this is what you had in >mind or would be sufficient for your requirements. If you require the >daemon to write to encrypted log files, then you may be out of luck. > >> ran > >- RGB > >-- >Richard Guy Briggs <[email protected]> >Sr. S/W Engineer, Kernel Security, Base Operating Systems >Remote, Ottawa, Red Hat Canada >IRC: rgb, SunRaycer >Voice: +1.647.777.2635, Internal: (81) 32635 > >-- >Linux-audit mailing list >[email protected] >https://www.redhat.com/mailman/listinfo/linux-audit
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
