[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Filter for audit.log



Hello, we have installed Splunk in order to monitor the audit.log files of
several systems.  However, our audit.log files are turning over quicker
than usual since Splunk seems to span our audit.log file with entries.

Is there a way to get audit.log to filter messages from Splunk in RHEL 5
server systems?

Thanks in advance!
Starr



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]