On Fri, 2013-03-15 at 12:54 -0400, Steve Grubb wrote:
On Friday, March 15, 2013 11:22:50 AM Miloslav Trmac wrote:
- Original Message -
2) Write an audispd plugin that used the sd-journal API to store
audit events in the journal.
3) Add sd-journal as a log format to
Recently I've been switching over my embedded distro to relying on
systemd for logging. The thought crossed my mind that it would be
convenient if auditd supported storing log information in systemd's
journal with the sd-journal API. It would be great if syslog data and
audit log data were stored
- Original Message -
2) Write an audispd plugin that used the sd-journal API to store
audit events in the journal.
3) Add sd-journal as a log format to auditd.
Both of these will run into the problem recently discussed on this mailing
list: the available methods to parse an audit
On Friday, March 15, 2013 11:22:50 AM Miloslav Trmac wrote:
- Original Message -
2) Write an audispd plugin that used the sd-journal API to store
audit events in the journal.
3) Add sd-journal as a log format to auditd.
Both of these will run into the problem recently
