I am looking at using all in-house tools (syslog.conf,
/etc/sysconfig/syslog, and gnome-log-viewer or have the log file go to a
web-accessed file), with everything being logged to
/var/log/master_log_file or /var/www/master_log_file.
What the master_log_file doesn't capture are the entries in audit.log.
If I use the viewer to review audit.log, I get the raw date/time stamp
format, which is not human readable.
So, how can I get audit.log (from all clients) details to pipe (really
also get copied) to the master_log_file, and, along the way, be properly
interpreted by ausearch -i so I can actually tell the proper date/time of
the entries?
Thanks.
Scott
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
