[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] No time stamps in audit.log?



Hello,

Am Donnerstag, 4. September 2014 schrieb pinguin74:
> What convenient way do you suggest to read audit logs? Especially for
> AppArmor.

Personally, I let logdigest mail me the interesting parts of audit.log 
(which basically means grep -v $boring_lines).

For something that is easier readable, I can recommend

    aa-notify -v -s 1

which would also make a nice cron.daily if you do

    aa-notify -v -s 1 | mail -s "AppArmor report" root

(see aa-notify --help or man aa-notify for details and other options)


Regards,

Christian Boltz
-- 
Erfinder und Entwickler sind von Natur aus faul, denn Erfindern und
Entwickler, entwickeln Dinge, die das Leben einfacher machen sollen.
Die Hauptinitiative hierfür ist meist Faulheit.
[http://miraspostgresqlwelt.blogspot.com/2011/09/technische-unterschiede-postgresql_02.html]

--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx