########################################################################### # $Id: audit.conf,v 1.2 2005/06/07 18:17:20 bjorn Exp $ ########################################################################### # You can put comments anywhere you want to. They are effective for the # rest of the line. # this is in the format of <name> = <value>. Whitespace at the beginning # and end of the lines is removed. Whitespace before and after the = sign # is removed. Everything is case *insensitive*. # Yes = True = On = 1 # No = False = Off = 0 Title = "Selinux Audit" # Which logfile group... LogFile = messages # Only give lines related to the audit service # Note that audit lines may have something like audit(1114839915.618:0) # as the service name # (Some implementations might not precede it with "kernel:") *OnlyService = (kernel:)?\s*audit.* *RemoveHeaders ######################################################## # This was written and is maintained by: # Ron Kuris <swcafe@gmail.com> # # Please send all comments, suggestions, bug reports, # etc, to logwatch-devel@logwatch.org ########################################################