From aa4293ccf874af40b8071c0af1898ded5c57b537 Mon Sep 17 00:00:00 2001 From: Steve Grubb Date: Wed, 12 Apr 2023 15:13:51 -0400 Subject: [PATCH] Correct path of config file Reference:https://github.com/linux-audit/audit-userspace/commit/aa4293ccf874af40b8071c0af1898ded5c57b537 Conflict:audisp/plugins/syslog/audisp-syslog.8 --- audisp/plugins/syslog/audisp-syslog.8 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/audisp/plugins/syslog/audisp-syslog.8 b/audisp/plugins/syslog/audisp-syslog.8 index f6a0fe3..30c8a43 100644 --- a/audisp/plugins/syslog/audisp-syslog.8 +++ b/audisp/plugins/syslog/audisp-syslog.8 @@ -14,7 +14,7 @@ to the args line. This will cause all events to be interpreted. The drawback to If you are aggregating multiple machines, you should edit auditd.conf to set the name_format to something meaningful and the log_format to enriched. This way you can tell where the event came from and have the user name and groups resolved locally before it is sent off of the machine. .SH FILES -/etc/audit/syslog.conf +/etc/audit/plugins/syslog.conf /etc/audit/auditd.conf .SH "SEE ALSO" .BR auditd.conf(8), -- 2.33.0