"write_logs = no" not working
Stephen Buchanan
stephenwb at gmail.com
Mon Mar 6 04:22:28 UTC 2017
I will leave the real debugging to the experts. but a possible workaround
until then would be to set:
num_logs = 2
max_log_file = 1
max_log_file_action = rotate
This will use a max of 3MB for three 1MB local files, which will be
rotated. Not zero, but a very minimal amount of local storage used.
On Sun, Mar 5, 2017 at 10:24 PM Ian Pilcher <arequipeno at gmail.com> wrote:
(Apologies if this is a duplicate. gmane doesn't seem to be working.)
I have a Banana Pi-based firewall system, which runs off a micro-SD
card and sends all of its logs (including audit events) to a syslog
server.
I have set "write_logs = no" in /etc/audit/auditd.conf, but the local
log file is still being written. (Commenting out the log_file line
causes auditd to abort.)
What do I need to do to disable writing the local file?
(This is audit 2.6.5 on CentOS 7.)
--
========================================================================
Ian Pilcher arequipeno at gmail.com
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================
--
Linux-audit mailing list
Linux-audit at redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20170306/8a8f6a0f/attachment.htm>
More information about the Linux-audit
mailing list