You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17 lines
812 B
17 lines
812 B
4 years ago
|
# NOTES:
|
||
|
# This slackbuild won't do much unless you rebuild your kernel with audit enabled.
|
||
|
# Optionally you can enable syscall-level audit.
|
||
|
#
|
||
|
# RULES:
|
||
|
# Some example rulesets are available at /usr/doc/audit-2.0.4/contrib
|
||
|
# stig.rules is an example ruleset for systems that are subject to the US Department of Defense
|
||
|
# UNIX STIG audit requirement, although I read recently on the gov-sec@ Redhat list that
|
||
|
# they hadn't been updating it religiously.
|
||
|
#
|
||
|
# ROTATION:
|
||
|
# The audit log (/var/log/audit/audit.log) is rotated on a size basis automatically by auditd.
|
||
|
# Periodic rotation (i.e. logrotate) is a bad idea for audit, since an attacker could trigger a
|
||
|
# common event rapidly to exhaust log space, then do something nefarious that would go unaudited.
|
||
|
# This package uses the default rotation size of 8MB.
|
||
|
|