RHEL6 and RHEL7 audispatch configurations
warron.french
warron.french at gmail.com
Mon Apr 3 18:23:21 UTC 2017
Hi Steve, sorry for bugging you directly, nearly 1 year ago (May 10th to be
exact) we collaborated, for my benefit on how to configure audispatch on
"RHEL6" machines.
It seems that my instructions that I kept from 1 year ago are no longer
valid; there are new files in existence and some old ones no longer in
existence for both RHEL6 and RHEL7:
*[OLD]*
/etc/audisp/
*audisp-remote.conf,*
/etc/audisp/plugins.d/*au-remote.conf*
*[NEW]*
/etc/audisp/plugins.d/af_unix.conf
/etc/audisp/plugins.d/syslog.conf
Not sure how to find the appropriate man pages to configure this setup
properly. I am attaching what I wrote 1 year ago; and hope that you can
push me in the direction of a good walk-through for audispatch of the
modern revision (audit-2.4.5-3 on RHEL6, and audit-2.4.1-5.el7).
I have to stick with these revision for a little while since we are going
through a Project Management Stage gate, impacting update decisions.
--------------------------
Warron French
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20170403/afb2d8db/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: DOCS-02-Configure Centralized AUDIT-logging with audispatch.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 28091 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20170403/afb2d8db/attachment.docx>
More information about the Linux-audit
mailing list