Using seaudit-report to send reports per e-mail or post to an Intranet page
Steve G
linux_4ever at yahoo.com
Mon Aug 28 19:13:31 UTC 2006
>This solution is definitely interesting to me, have you code to implement it?
The aureport command was intended to be the audit log reduction utility. It can
provide lots of information about various aspects of the system beyond AVCs.
for example, failed logins:
aureport -ts today -l --failed
failed syscalls:
aureport -ts -i -s --failed
failed file access:
aureport -ts today -i -f --failed
You can also get numeric summaries by adding --summary.
-Steve
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the fedora-selinux-list
mailing list