a27655bb8f
Signed-off-by: xuraoqing <609179072@qq.com> (cherry picked from commit 5255e7ae0b8c4c8c9dd47a4134203a9655fcefbc)
28 lines
1.2 KiB
Diff
28 lines
1.2 KiB
Diff
From aa4293ccf874af40b8071c0af1898ded5c57b537 Mon Sep 17 00:00:00 2001
|
|
From: Steve Grubb <sgrubb@redhat.com>
|
|
Date: Wed, 12 Apr 2023 15:13:51 -0400
|
|
Subject: [PATCH] Correct path of config file
|
|
|
|
Reference:https://github.com/linux-audit/audit-userspace/commit/aa4293ccf874af40b8071c0af1898ded5c57b537
|
|
Conflict:audisp/plugins/syslog/audisp-syslog.8
|
|
|
|
---
|
|
audisp/plugins/syslog/audisp-syslog.8 | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/audisp/plugins/syslog/audisp-syslog.8 b/audisp/plugins/syslog/audisp-syslog.8
|
|
index f6a0fe3..30c8a43 100644
|
|
--- a/audisp/plugins/syslog/audisp-syslog.8
|
|
+++ b/audisp/plugins/syslog/audisp-syslog.8
|
|
@@ -14,7 +14,7 @@ to the args line. This will cause all events to be interpreted. The drawback to
|
|
If you are aggregating multiple machines, you should edit auditd.conf to set the name_format to something meaningful and the log_format to enriched. This way you can tell where the event came from and have the user name and groups resolved locally before it is sent off of the machine.
|
|
|
|
.SH FILES
|
|
-/etc/audit/syslog.conf
|
|
+/etc/audit/plugins/syslog.conf
|
|
/etc/audit/auditd.conf
|
|
.SH "SEE ALSO"
|
|
.BR auditd.conf(8),
|
|
--
|
|
2.33.0
|
|
|