audispd stopping on distribute-network = yes
Lenny Bruzenak
lenny at magitekltd.com
Tue Oct 16 22:07:57 UTC 2018
Situation:
Have 3 VMs all running RHEL7.6 (3.10.0-933.el7.x86_64) with audit
components 2.8.4, including audisp-plugins. Using the audisp-remote plugin,
Machine A -> B
Machine B -> C
Problem 1:
If I enable "distribute_network = yes" on Machine B, audispd (and
children) stops.
No anom_abend, no message in syslog, no audit event I can identify as a
clue.
Problem 2:
If I disable the distribute_network, the audispd and audisp-remote work
fine.
If I reboot Machine B, Machine A now doesn't auto-reconnect. I thought
we had addressed these reconnect issues a ways back?
Thanks in advance for any advice,
LCB
--
Lenny Bruzenak
MagitekLTD
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20181016/eb29e0e1/attachment.htm>
More information about the Linux-audit
mailing list