Using audit2why with tail?

Frank Licea francisco.licea at gmail.com
Tue Dec 28 20:13:47 UTC 2010


This works nicely, thanks for the tip.

On Tue, Dec 28, 2010 at 1:06 PM, Dominick Grift <domg472 at gmail.com> wrote:

> On 12/28/2010 08:42 PM, Frank Licea wrote:
> > I'd like to scroll the output messages located in
> > /var/log/audit/audit.log.
> > I know I can do that with tail -f /var/log/audit/audit.log.
> > Is there a way to somehow pipe that through audit2why and tail -f to
> > clean up the messages as they happen?
> >
>
> Not sure if I understand what you mean, but maybe something like:
>
> watch -n 5 ausearch -m avc -ts recent
>
> or maybe replace recent with `date | something` to make it more
> accurate. (see man watch and man ausearch for that)
>
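An added example, not part of the thread: a polling loop in the spirit of the `watch -n 5` suggestion that hands only newly appended AVC records to audit2why. audit2why reads its input to end-of-file before it reports, which is why a bare `tail -f ... | audit2why` prints nothing; the `EXPLAIN_CMD` override, the state file and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread). Each poll runs audit2why on a
# finite batch, because audit2why only reports once its input ends.

EXPLAIN_CMD=${EXPLAIN_CMD:-audit2why}  # assumption: override hook for dry runs

# explain_new LOG STATE: explain AVC records appended to LOG since last call.
# STATE is a hypothetical scratch file holding the byte offset already handled.
explain_new() {
    log=$1 state=$2
    offset=0
    [ -f "$state" ] && offset=$(cat "$state")
    size=$(wc -c < "$log") || return 1
    size=$((size + 0))                 # strip padding some wc builds add
    # A smaller file than last time means the log was rotated: start over.
    [ "$size" -lt "$offset" ] && offset=0
    [ "$size" -eq "$offset" ] && return 0
    # Take exactly the bytes between the two offsets; anything appended
    # after $size was measured waits for the next poll.
    batch=$(tail -c "+$((offset + 1))" "$log" | head -c "$((size - offset))" |
            grep -E 'type=(USER_)?AVC ' || true)
    echo "$size" > "$state"
    [ -n "$batch" ] || return 0
    printf '%s\n' "$batch" | $EXPLAIN_CMD
}

# follow LOG [SECONDS]: poll forever, like `watch -n 5` in the reply above.
follow() {
    state=$(mktemp) || return 1
    trap 'rm -f "$state"' EXIT INT TERM
    while :; do
        explain_new "$1" "$state"
        sleep "${2:-5}"
    done
}

# Usage (as root): follow /var/log/audit/audit.log 5
```

Setting `EXPLAIN_CMD=cat` shows which raw records each poll would pass on without needing audit2why installed.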

