RHEL6 and RHEL7 audispatch configurations

Hi Steve, sorry for bugging you directly, nearly 1 year ago (May 10th to be exact) we collaborated, for my benefit on how to configure audispatch on "RHEL6" machines. It seems that my instructions that I kept from 1 year ago are no longer valid; there are new files in existence and some old ones no longer in existence for both RHEL6 and RHEL7: *[OLD]* /etc/audisp/ *audisp-remote.conf,* /etc/audisp/plugins.d/*au-remote.conf* *[NEW]* /etc/audisp/plugins.d/af_unix.conf /etc/audisp/plugins.d/syslog.conf Not sure how to find the appropriate man pages to configure this setup properly. I am attaching what I wrote 1 year ago; and hope that you can push me in the direction of a good walk-through for audispatch of the modern revision (audit-2.4.5-3 on RHEL6, and audit-2.4.1-5.el7). I have to stick with these revision for a little while since we are going through a Project Management Stage gate, impacting update decisions. -------------------------- Warron French