[rhn-users] Is anything supposed to clean up /var/log/audit.d?
Rich Graves
rcgraves at brandeis.edu
Fri Jan 28 15:12:22 UTC 2005
On Fri, 28 Jan 2005, GREG WOJTAK wrote:
> Why don't you just configure audit not to hold that much information?
> The default in /etc/audit.d/audit.conf is 4 files of 20 MB each. Or am
> I not understanding fully what you are asking?
The default installation on our boxes keeps /var/log/audit.d/bin.{0,1,2,3}
of 20MB each, but upon log rotation, each bin.{0,1,2,3} is copied to
/var/log/audit.d/save.NNN.
The relevant line in /etc/audit/audit.conf is
notify = "/usr/sbin/audbin -S /var/log/audit.d/save.%u -C"
I've appended to the notify line
" && find /var/log/audit.d/ -mtime +60 -print0 |xargs --no-run-if-empty -0 rm"
--
Rich Graves <rcgraves at brandeis.edu>
UNet Systems Administrator
More information about the rhn-users
mailing list