Mailinglist Archive: opensuse-security (51 mails)

< Previous Next >
Re: [opensuse-security] No time stamps in audit.log?
Hello,

Am Sonntag, 7. September 2014 schrieb pinguin74:
Am 05.09.2014 00:43, schrieb Christian Boltz:
Am Donnerstag, 4. September 2014 schrieb pinguin74:
What convenient way do you suggest to read audit logs? Especially
for
AppArmor.

Personally, I let logdigest mail me the interesting parts of
audit.log (which basically means grep -v $boring_lines).

For something that is easier readable, I can recommend

aa-notify -v -s 1

Ah, okay, works.

I just thought, aa-notify gives a graphical popup note on the desktop?
I gues it can´t do that?

It can do both ;-)

Oh, wait, I have a cool idea, I will pipe the aa-notify output to KDE
KWrite and create a new KWrite color highlighting schema, this way I
get a optical nice log file output! And with sudo´ed I even don´t
need the root password!

Just to make it clear, "-s 1" gives you a summary of the last day.

If you want real-time desktop notifications, use

sudo aa-notify -p --display $DISPLAY


Regards,

Christian Boltz
--
Jetzt kriege ich es echt mit der Angst: da gibt es Zeilen in meinem
Code der identisch mit dem von SCO ist, etwa ein "include <stdio.h>"
oder aber auch ein hinterlistiges "default:break;".
[Michael Karges in suse-linux]

--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation