LOG_WARN or LOG_WARNING?

Ryan Sawhill rsawhill at redhat.com
Tue Oct 4 15:04:35 UTC 2016


On Tue, Oct 4, 2016 at 10:58 AM, leam hall <leamhall at gmail.com> wrote:

> Sort of a followup question. I'm surprised adding "audit.none" to the
> "/var/log/messages" line of rsyslog.conf (RHEL 6) works. I didn't think
> audit was a full "facility" in whatever rsyslog looks at. Am I more
> confused than normal?
>

It's not. If you look at your main log you should see a message from
rsyslogd saying something like "unknown facility 'audit'".
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20161004/a04590ef/attachment.htm>


More information about the Linux-audit mailing list