missing avc message field names
Steve Grubb
sgrubb at redhat.com
Thu Feb 1 11:40:11 UTC 2007
On Wednesday 31 January 2007 17:59, Russell Coker wrote:
> Maybe there should be an option to have auditd write a binary log file as
> well as either a text log file or logging via syslog?
This should be possible. The audit event dispatcher typically has had a
plugin that relays audit events to syslog. It will likely be a little while
before there are binary formatted logs. I guess my message is really that you
might not want to assume that the site will have text based logs for user
support. Text logs are not being deprecated. Its that there will be more
options soon.
-Steve
More information about the Linux-audit
mailing list