I thought about that. Auditd is a high volume tool - calling logger for every message seems awfully expensive resource wise. > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx > [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Serge Dubrouski > Sent: Wednesday, January 10, 2007 3:01 PM > To: General Red Hat Linux discussion list > Subject: Re: Streaming auditd information to syslog > > It looks like it can be a simple script calling logger tool. > > man logger. > > On 1/10/07, Bailey, Edward <ebailey@xxxxxxxxxxxxxx> wrote: > > Hello > > > > I am looking into streaming auditd information to a central syslog > > server. I see a place in the audit.conf config file to make this > > happen, but I can can't get it to work and I am hoping > someone else knows how. > > > > In audit.conf > > > > # Alternative output > > output { > > mode = stream; > > command = "/usr/local/sbin/send_to_syslog" > > }; > > > > This seems to be where output is directed to syslog, but what is > > "/usr/local/sbin/send_to_syslog"? > > > > Does anyone know? I can't find an answer. > > > > Thanks > > > > Ed > > ------------------------ > > CONFIDENTIALITY NOTICE > > This e-mail and any attachments contain information which > may be confidential or privileged and exempt from disclosure > under applicable law. If you are not the intended recipient, > be aware that any disclosure, copying, distribution, or use > of the contents of this information is without authorization > and is prohibited. If you have received this email in error, > please immediately notify us by returning it to the sender > and delete this copy from your computer system. Thank you. > > ------------------------ > > > > -- > > redhat-list mailing list > > unsubscribe > mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > > https://www.redhat.com/mailman/listinfo/redhat-list > > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > > > ------------------------ CONFIDENTIALITY NOTICE This e-mail and any attachments contain information which may be confidential or privileged and exempt from disclosure under applicable law. If you are not the intended recipient, be aware that any disclosure, copying, distribution, or use of the contents of this information is without authorization and is prohibited. If you have received this email in error, please immediately notify us by returning it to the sender and delete this copy from your computer system. Thank you. ------------------------ -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
