audit 0.6 release
Casey Schaufler
casey at schaufler-ca.com
Fri Jan 7 17:03:33 UTC 2005
--- "Browder, Tom" <Tom.Browder at fwb.srs.com> wrote:
> Instead of the logrotate methodology, how about
> letting auditd do it.
>
> For my purposes I would like to see the audit logs
> saved as something
> like
>
'audit.log.2004m12hd01h0001s00CST_2004m12d04h1231s42CST'
> (and g or
> bzipped). So the auditd could save the time stamp
> of the last log save,
> and when full or at the next user desired time,
> atomically save the
> existing log and start a new one without missing a
> message
The SGI audit daemon code I posted earlier does
this sort of management and log file naming.
=====
Casey Schaufler
casey at schaufler-ca.com
__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail
More information about the Linux-audit
mailing list