Hello All, The current rate limiter, audit_set_rate_limit limits all types of events. In our case, we want to limit auditd events with a specific key, as they are very noisy and consume very high CPU.
>From my understanding, this support is currently missing in AuditD. Is my understanding correct? -- Anurag Aggarwal
-- Linux-audit mailing list Linux-audit@redhat.com https://listman.redhat.com/mailman/listinfo/linux-audit
