FW: Time field not readable
Kirkwood, David A.
DAVID.A.KIRKWOOD at saic.com
Mon Nov 3 19:59:05 UTC 2008
I have removed the packages audit-2.4.1, audit-libs-2.4.1,
audit-libs-devel-2,4,1 and SnareLinux and added via rpm
audit-libs-1.0.14-1, audit-libs-1.0.4-1 and audit-1.0.14-1. The time
field is still not readable when I used ausearch or aureport utilities.
Have I missed something? I am comparing the system to a known good
system and they appear to be identical.
All help is appreciated.
Thanks,
David A. Kirkwood
SAIC
david.a.kirkwood at saic.com
kirkwoodd at saic.com
-----Original Message-----
From: Steve Grubb [mailto:sgrubb at redhat.com]
Sent: Monday, November 03, 2008 11:13 AM
To: linux-audit at redhat.com
Cc: Kirkwood, David A.
Subject: Re: Time field not readable
On Monday 03 November 2008 10:50:05 Kirkwood, David A. wrote:
> I have had the audit running on multiple system for some time using
> auditctl version 1.0.14 and everything is working just the way I want
> it. I have been given a RHEL4u4 system ( which is what the others are)
> and it havs auditctl version 1.2.1.
RHEL4 must use the audit tools from the 1.0.X series. There were many
changes
that cause incompatibility with anything newer. Yes, install the 1.0.14
copy
and it should work better.
-Steve
More information about the Linux-audit
mailing list