audisp-prelude problems
Loredan Stancu
loredan.stancu at myclar.ro
Wed Dec 3 10:23:28 UTC 2008
Hi,
I'm testing version 1.7.9 of audit using audisp-prelude plugin and I have
some problems:
1. audisp-prelude plugin is not generating events when a user is logged in.
2. audisp-prelude plugin is not sending uid, gid to a prelude-manager
3. No events are generate for watched files/exec/mk_exe if no tow -k
options are specified in the rule. One of the -k options should contain
'-k ids-type-severity' and another -k may contain anything. If you specify
only one -k options no events are generated.
Another question is how I can use audisp-remote to send events somewhere
remote?
Thx,
Loredan Stancu
More information about the Linux-audit
mailing list