Hello, Am Sonntag, 7. September 2014 schrieb pinguin74:
Am 05.09.2014 00:43, schrieb Christian Boltz:
Am Donnerstag, 4. September 2014 schrieb pinguin74:
What convenient way do you suggest to read audit logs? Especially for AppArmor.
Personally, I let logdigest mail me the interesting parts of audit.log (which basically means grep -v $boring_lines).
For something that is easier readable, I can recommend
aa-notify -v -s 1
Ah, okay, works.
I just thought, aa-notify gives a graphical popup note on the desktop? I gues it can´t do that?
It can do both ;-)
Oh, wait, I have a cool idea, I will pipe the aa-notify output to KDE KWrite and create a new KWrite color highlighting schema, this way I get a optical nice log file output! And with sudo´ed I even don´t need the root password!
Just to make it clear, "-s 1" gives you a summary of the last day.
If you want real-time desktop notifications, use
sudo aa-notify -p --display $DISPLAY
Regards,
Christian Boltz
--
Jetzt kriege ich es echt mit der Angst: da gibt es Zeilen in meinem
Code der identisch mit dem von SCO ist, etwa ein "include