(Apologies if this is a duplicate. gmane doesn't seem to be working.)
I have a Banana Pi-based firewall system, which runs off a micro-SD
card and sends all of its logs (including audit events) to a syslog
server.
I have set "write_logs = no" in /etc/audit/auditd.conf, but the local
log file is still being written. (Commenting out the log_file line
causes auditd to abort.)
What do I need to do to disable writing the local file?
(This is audit 2.6.5 on CentOS 7.)
--
========================================================================
Ian Pilcher arequipeno(a)gmail.com
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================