Hi,
After turning on all system calls in audit.rules and transferring a tar file to the target
system (CentOS 7, 4 cores), I found that "auditd" has high CPU usage.
Is it expected?
BTW, after turning write-logs off and adding a dispatcher, both "audispd" and
"auditd" are consuming high CPU.
Regards
Hai