Re: Annoying audit messages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On Mon, Sep 26, 2016 at 2:53 PM, Patrick O'Callaghan
<pocallaghan@xxxxxxxxx> wrote:
> On Mon, 2016-09-26 at 14:46 -0400, Alex wrote:
>> Hi all,
>>
>> I recall seeing an rsyslog entry to prevent these messages from
>> filling my messages logs, but it no longer appears to work with f24.
>> Is there a more specific method to disable audit messages?
>>
>> Sep 26 14:40:56 alex kernel: audit: type=2404
>> audit(1474915256.442:724): pid=3297 uid=0 auid=4294967295
>> ses=4294967295 msg='op=destroy kind=server
>> fp=SHA256:c3:77:02:0b:2c:82:43:05:c5:50:ff:e6:99:f1:3f:1a:1d:6a:51:b7:a4:cb:45:55:37:66:95:46:51:9b:80:d2
>> direction=? spid=3297 suid=0  exe="/usr/sbin/sshd" hostname=?
>> addr=107.155.77.2 terminal=? res=success'
>>
>> I'm not using selinux, and have enabled rsyslog. They're just not helpful to me.
>
> Edit /etc/default/grub. Look for the line beginning GRUB_CMDLINE_LINUX.
> Add "audit=0" to the end of that line. Run:
>
> grub2-mkconfig --output /boot/grub2/grub.cfg
>
> Audit will be turned off when you reboot. To turn it off without
> rebooting, do:
>
> auditctl -e 0

Thanks very much, very helpful. What is the reason this is enabled by
default? Don't other people find it obnoxious and unhelpful?

How does this information help the average sysadmin?
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux