Audit Dispatcher
Steve Grubb
sgrubb at redhat.com
Mon Feb 25 21:05:30 UTC 2008
On Monday 25 February 2008 15:56:15 Kevin Boyce wrote:
> Is there any recommended audit dispatcher for the the RHEL audit daemon?
In the 5.2 update we are switching from the python based dispatcher (audit
1.4.1 era) to an improved C based multi-threaded dispatcher (roughly current
with 1.6.8's). I will probably be backporting the same dispatcher to RHEL4.7.
There very well could be other 3rd party dispatchers out there, but I don't
know where you would find them and I have not tested them. Also, the
dispatcher needs SE Linux policy updates since auditd_t is a confined domain.
So, a third party dispatcher has that hurdle to jump over, too.
-Steve
More information about the Linux-audit
mailing list