Man Linux: Main Page and Category List

NAME

       audisp-remote - plugin for remote logging

SYNOPSIS

       audisp-remote

DESCRIPTION

       audisp-remote  is  a  plugin  for  the  audit  event dispatcher daemon,
       audispd, that preforms remote logging to an aggregate logging server.

TIPS

       If you are  aggregating  multiple  machines,  you  should  enable  node
       information  in  the  audit event stream. You can do this in one of two
       places. If you want computer node names written to disk as well as sent
       in   the   realtime  event  stream,  edit  the  name_format  option  in
       /etc/audit/auditd.conf. If you only want the node names in the realtime
       event     stream,    then    edit    the    name_format    option    in
       /etc/audisp/audispd.conf. Do not enable both as  it  will  put  2  node
       fields in the event stream.

FILES

       /etc/audisp/plugins.d/au-remote.conf,           /etc/audit/auditd.conf,
       /etc/audisp/audispd.conf, /etc/audisp/audisp-remote.conf

SEE ALSO

       audispd(8), auditd.conf(8), audispd.conf(8), audisp-remote.conf(5).

AUTHOR

       Steve Grubb