[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] No time stamps in audit.log?


Am Donnerstag, 4. September 2014 schrieb pinguin74:
> What convenient way do you suggest to read audit logs? Especially for
> AppArmor.

Personally, I let logdigest mail me the interesting parts of audit.log 
(which basically means grep -v $boring_lines).

For something that is easier readable, I can recommend

    aa-notify -v -s 1

which would also make a nice cron.daily if you do

    aa-notify -v -s 1 | mail -s "AppArmor report" root

(see aa-notify --help or man aa-notify for details and other options)


Christian Boltz
Erfinder und Entwickler sind von Natur aus faul, denn Erfindern und
Entwickler, entwickeln Dinge, die das Leben einfacher machen sollen.
Die Hauptinitiative hierfür ist meist Faulheit.

To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx