When the /logs endpoint is exposed, and an active scan is running, we try to parse the file /var/log/audit/audit.log
This file down not necessarily exist. for now we at least need to specify that we did not manage to prove this in the evidence.
Next step is implementing another way of proving this in a more versatile way
When the
/logs
endpoint is exposed, and an active scan is running, we try to parse the file/var/log/audit/audit.log
This file down not necessarily exist. for now we at least need to specify that we did not manage to prove this in the evidence.Next step is implementing another way of proving this in a more versatile way