Using seaudit-report to send reports per e-mail or post to an Intranet page

Steve G linux_4ever at yahoo.com
Mon Aug 28 19:13:31 UTC 2006


>This solution is definitely interesting to me, have you code to implement it?

The aureport command was intended to be the audit log reduction utility. It can
provide lots of information about various aspects of the system beyond AVCs.

for example, failed logins:
aureport -ts today -l --failed

failed syscalls:
aureport -ts -i -s --failed

failed file access:
aureport -ts today -i -f --failed

You can also get numeric summaries by adding --summary.

-Steve

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 




More information about the fedora-selinux-list mailing list