Snare, SELinux, NISPOM
Steve Grubb
sgrubb at redhat.com
Tue Dec 21 16:27:33 UTC 2004
On Tuesday 21 December 2004 11:23, Browder, Tom wrote:
> Thanks, Steve, when someone has a good policy that (1) satisfies NISPOM
> and (2) eliminates most other avc log traffic you'll have a winner.
The latest auditd in rawhide sends real audit message to a log file. The SE
Linux avc messages wind up in syslog. The file format of the log file will be
changing sometime real soon, though.
-Steve
More information about the Linux-audit
mailing list