Notification for audit processing failure

 
Thread Tools Search this Thread
Operating Systems Linux SuSE Notification for audit processing failure
# 1  
Old 02-05-2015
Alert notice for Audit log

Dear users,

I have SLES 11 and SLES 10 servers.

I'd like to receive an alert when audit log files reach certain percentage of full.

1. Is '/etc/audit/auditd.conf' the right file to modify?

2. I'd like to receive email alert. Can I specify my email in this parameter 'action_mail_acct = jpark@comp.xxxx.xxx'?

3. I'd like to get notified when the log file reaches 90%. What parameter value should I change? And where is it?

Thank you,

Last edited by JDBA; 02-05-2015 at 06:20 PM..
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Help needed on restart-from-point-of-failure in Parallel Processing

Hi Gurus, Good morning... :) OS Info: Linux 2.6.32-431.17.1.el6.x86_64 #1 SMP Fri Apr 11 17:27:00 EDT 2014 x86_64 x86_64 x86_64 GNU/Linux I have a script which takes multiples parameters from a properties file one by one and run in background (to do parallel processing). As example: $ cat... (4 Replies)
Discussion started by: saps19
4 Replies

2. Programming

awk processing / Shell Script Processing to remove columns text file

Hello, I extracted a list of files in a directory with the command ls . However this is not my computer, so the ls functionality has been revamped so that it gives the filesizes in front like this : This is the output of ls command : I stored the output in a file filelist 1.1M... (5 Replies)
Discussion started by: ajayram
5 Replies

3. Shell Programming and Scripting

rsync with e-mail notification failure

dear all, i have script rsync like this : #!/bin/sh RSYNC=/usr/bin/rsync SSH=/usr/bin/ssh RUSER=root RHOST=123.123.123.1 INTRPATH=/home/jargo/log/internasional/ INTHPATH=/var/www/international/ IIXRPATH=/home/jargo/log/iix/ IIXHPATH=/var/www/iix/ TTLRPATH=/home/jargo/log/total/... (2 Replies)
Discussion started by: indracyd
2 Replies

4. Solaris

how to configure a audit in global zone that will audit all the zone

Hi everyone, how i can configure a single audit service in the global zone for all zones, on solaris BSM. I will be glad to hear back from you. Thanks and Regards (3 Replies)
Discussion started by: ladondo
3 Replies

5. UNIX for Dummies Questions & Answers

boot up failure unix sco after power failure

hi power went out. next day unix sco wont boot up error code 303. any help appreciated as we are clueless. (11 Replies)
Discussion started by: fredthayer
11 Replies

6. AIX

When AIX audit start, How to set the /audit/stream.out file size ?

Dear All When I start the AIX(6100-06)audit subsystem. the log will save in /audit/stream.out (or /audit/trail), but in default when /audit/stream.out to grow up to 150MB. It will replace the original /audit/stream.out (or /audit/trail). Then the /audit/stream.out become empty and... (2 Replies)
Discussion started by: nnnnnnine
2 Replies

7. Shell Programming and Scripting

How to make parallel processing rather than serial processing ??

Hello everybody, I have a little problem with one of my program. I made a plugin for collectd (a stats collector for my servers) but I have a problem to make it run in parallel. My program gathers stats from logs, so it needs to run in background waiting for any new lines added in the log... (0 Replies)
Discussion started by: Samb95
0 Replies

8. UNIX for Advanced & Expert Users

if up notification

Hello experts, I have a requirement of notifying my application everytime a network interface is brought up. My application supports Various Unix flavours e.g. RHEL, SLES, AIX, Solaris and Mac OS. I know that SLES supports /etc/sysconfig/network/if-up.d hook scripts that run once an interface is... (2 Replies)
Discussion started by: GajendraSharma
2 Replies
Login or Register to Ask a Question
audit_data(4)							   File Formats 						     audit_data(4)

NAME
audit_data - current information on audit daemon SYNOPSIS
/etc/security/audit_data DESCRIPTION
The audit_data file contains information about the audit daemon. The file contains the process ID of the audit daemon, and the pathname of the current audit log file. The format of the file is: pid>:<pathname> Where pid is the process ID for the audit daemon, and pathname is the full pathname for the current audit log file. EXAMPLES
Example 1: A sample audit_data file. 64:/etc/security/audit/server1/19930506081249.19930506230945.bongos FILES
/etc/security/audit_data ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Interface Stability |Obsolete | +-----------------------------+-----------------------------+ SEE ALSO
audit(1M), auditd(1M), bsmconv(1M), audit(2), audit_control(4), audit.log(4) NOTES
The functionality described on this manual page is internal to audit(1M) and might not be supported in a future release. The auditd utility is the only supported mechanism to communicate with auditd(1M). The current audit log can be determined by examining the configured audit directories. See audit_control(4). The functionality described on this manual page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information. SunOS 5.10 14 Nov 2002 audit_data(4)