two questions regarding default audit behavior
Bill Tangren
bjt at aa.usno.navy.mil
Wed Jan 17 15:58:35 UTC 2007
I have two questions regarding default audit behavior (i.e. auditd is running,
but there is nothing in audit.rules but "-D" and "-b 256"):
1) what is being audited?
2) can I use the -D command to prevent those things from being audited?
I am required to have auditing running, but what I need to audit is specific.
One server in particular is slow (a 750 MHz Pentium III) to start with, and
default auditing is slowing it down to a crawl.
Bill Tangren
More information about the Linux-audit
mailing list