Re: Is there a method for collect all selinux logs and create a graph??

David Cafaro <dac@xxxxxxxxxx> · Tue, 16 Sep 2014 16:40:59 -0400



    You can tell audisp (
    http://man7.org/linux/man-pages/man8/audispd.8.html ) to send all
    audit messages to syslog and then use a centralized syslog system to
    collect your logs into a central repository.  At that point you can
    use your favorite log parsing tools to review your SELinux audit
    messages (not to mention other items) at will.

    
    Cheers,

    David

    
    On 09/16/2014 05:28 AM, Maurizio Pagani
      wrote:

    
      Hi everybody.
        

        I'll want configure SELinux in 1000+ Systems, but i need to
          know, if there is a method or product that collect all logs of
          SELinux and create a mirror of what are happening in the
          systems.
        

        An example is snorby for suricata or snort (IDS/IPS):
        http://www.rivy.org/wp-content/uploads/2013/03/snorby-screenshot.png

        
        Let me know.
        

        Thanks in advance.
        

        Maurizio Pagani
      
      
      --
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
    
    
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux