Using seaudit-report to send reports per e-mail or post to an Intranet page

Steve G linux_4ever at
Mon Aug 28 19:13:31 UTC 2006

>This solution is definitely interesting to me, have you code to implement it?

The aureport command was intended to be the audit log reduction utility. It can
provide lots of information about various aspects of the system beyond AVCs.

for example, failed logins:
aureport -ts today -l --failed

failed syscalls:
aureport -ts -i -s --failed

failed file access:
aureport -ts today -i -f --failed

You can also get numeric summaries by adding --summary.


Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

More information about the fedora-selinux-list mailing list