Re: Snare, SELinux, NISPOM
On Tuesday 21 December 2004 11:23, Browder, Tom wrote:
Thanks, Steve, when someone has a good policy that (1) satisfies
NISPOM
and (2) eliminates most other avc log traffic you'll have a winner.
The latest auditd in rawhide sends real audit message to a log file. The SE
Linux avc messages wind up in syslog. The file format of the log file will be
changing sometime real soon, though.
-Steve