audit collector startup help

Tuesday, 9 September 2008

DJ (or anyone) - 

Is there a HOWTO for activating the 1.7.5 aggregating feature?
My apologies if I missed this earlier.

I believe that the collector needs to uncomment the lines
in /etc/auditd/auditd.conf and the senders/clients need to set
active=yes, remote=<IP-address> in the  audisp-remote.conf file.

However, my collector auditd fails on start; it might be that I do not
have it configured correctly.

I have : audit-1.7.5-1.fc9.i386 

Thx,
LCB.

-- 
LC (Lenny) Bruzenak
lenny(a)magitekltd.com

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

audit collector startup help