Re: Chronological audit logs
On Tue, 2006-11-28 at 16:06 -0500, Kirkwood, David A wrote:
Can someone tell me how I can generate a chronological listing
between
2 dates of all the issues
I have designated to watch in the audit capabilities of the system?
/sbin/ausearch -i -ts "starting date" -te "ending date"
And of course you can use the other options of ausearch to refine that
listing as desired.
I need to get a system with audit
capability sufficiently palatable to the Defense Department for
classified use. I currently use Sun
workstations and generate the audit logs via praudit and was looking
for some way to set up simaller
archived weekly audit logs.
--
Stephen Smalley
National Security Agency