>
>
> Limiting of audit records is actually done in the kernel, and
> currently the rate limit applies equally[1] to all records, there is
> no ability to enforce limits per-key.


One question Paul, will it be ok, if we contribute something similar to the
Auditd Kernel repository?


-- 
Anurag Aggarwal
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit

Reply via email to