|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Hi, I am writing a program that will monitor the SELinux log for AVC violations and deal with them appropriately. Currently I am looking at approaches to monitor the SELinux log. One approach is to do raw monitoring of /var/log/audit/audit.log with something like: tail -f /var/log/audit/audit.log | ausearch -m avc A second approach may be to implement an SETroubleShoot plugin: https://fedorahosted.org/setroubleshoot/wiki/SETroubleShoot%20Overview I'm kind of leaning towards an SETroubleShoot plugin since it seems like less new development and the infrastructure seems to be already there. Is this a valid approach? Is there a better way? Thanks, Jason -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
[Fedora Users] [Fedora Legacy] [Fedora Desktop] [Yosemite Photos] [Yosemite News] [Yosemite Campsites] [KDE Users] [Gnome Users]