[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: audit 0.6 release



--- "Browder, Tom" <Tom Browder fwb srs com> wrote:


> Instead of the logrotate methodology, how about
> letting auditd do it.
> 
> For my purposes I would like to see the audit logs
> saved as something
> like
>
'audit.log.2004m12hd01h0001s00CST_2004m12d04h1231s42CST'
> (and g or
> bzipped).  So the auditd could save the time stamp
> of the last log save,
> and when full or at the next user desired time,
> atomically save the
> existing log and start a new one without missing a
> message

The SGI audit daemon code I posted earlier does
this sort of management and log file naming.



=====
Casey Schaufler
casey schaufler-ca com


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - Helps protect you from nasty viruses. 
http://promotions.yahoo.com/new_mail


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]