auditd.cron
warron.french
warron.french at gmail.com
Wed Mar 22 21:19:11 UTC 2017
So, I needed a feature over 8 months ago, nobody could provide one for the
following:
Rolling log files either when they hit a certain size or the day
changed over at midnight.
I know that I could have rolled the files at a specific size, by using the
*max_log_file* attribute as identified in the */etc/audit/auditd.conf*, but
there was no "builtin" for managing auto rotation at the start of a new day
(0000 hrs).
It looks like there is a file called */usr/share/doc/auditd-<**version>*
*/auditd.cron*
*.*
To me*, *this file is new; considering I needed it 8 months ago.
*Anyway, how is this file implemented? * Simply move it to a directory with
permissions to execute; ensure it is executable and then simply set up a
cronjob to execute it at whatever time of day that I wish?
*Finally, if I have '-e 2' as the last control in the audit.rules file;
will the auditd.cron which executes as service auditd rotate still function
properly?*
Thanks in advance,
--------------------------
Warron French
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20170322/5dc131c3/attachment.htm>
More information about the Linux-audit
mailing list