Re: FW: Time field not readable
On Monday 03 November 2008 14:59:05 Kirkwood, David A. wrote:
I have removed the packages audit-2.4.1, audit-libs-2.4.1,
audit-libs-devel-2,4,1
I have no idea what those are. the latest RHEL4 audit package is 1.0.16 and
RHEL5 is 1.6.5. My development copy is 1.7.9. You have a RHEL4 system that is
way out of whack since those are packages that I've never heard of. :)
and SnareLinux and added via rpm audit-libs-1.0.14-1,
audit-libs-1.0.4-1 and
audit-1.0.14-1. The time field is still not readable when I used ausearch or
aureport utilities.
Updating the user space utilities means that from now on your logs will be
readable. Also, what kernel are you running? Are you running a real RHEL4
kernel?
-Steve