auditing lots of files
Evren Kalayciklioglu
cliffhanger1212 at yahoo.com
Mon May 22 08:28:47 UTC 2006
Hi,
I am trying to watch several directories and in it all
of files. I can see when a new file is created or
deleted in the directory and when i change a file with
vi -for example writing new lines- i can see it also
in the audit.log. But when i open a file with
staroffice or openoffice and i click save, i can't see
any log in audit.log. If i add directly file name, it
works. We have approximately five hundred thousand
files these will be wathced. Sometimes this number
increase sometimes decrease.
Do i have to add all of file paths? How can i control
audit.rules? If i have to do that, what will be the
system usage?
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the Linux-audit
mailing list