Chronological audit logs
Steve Grubb
sgrubb at redhat.com
Tue Nov 28 21:36:19 UTC 2006
On Tuesday 28 November 2006 16:06, Kirkwood, David A wrote:
> Can someone tell me how I can generate a chronological listing between 2
> dates of all the issues I have designated to watch in the audit capabilities
> of the system?
ausearch -ts date1 -te date2
> I currently use Sun workstations and generate the audit logs via praudit and
> was looking for some way to set up simaller archived weekly audit logs.
You would need to setup a cron job to do the weekly rotation if that is what
you want. There is a sample cron script, auditd.cron, that you can use as a
starting point. The normal rotation is by size in order to fit more data onto
your drives.
-Steve
More information about the Linux-audit
mailing list