It would be very nice to be able to use the linux_auditd log format again,
I noticed it has been added in 4cbd593, 148d16a, and then removed in 3dc7b7d, cbc501b.
I've tried applying the changes in 4cbd593, 148d16a against a current version, but it seems like it's not really working. OSSEC builds just fine, but the changes don't seem to make a difference. Also, logcollector doesn't recognize the 'linux_auditd' format.
Note: This issue has been automatically migrated from Bitbucket
Created by Anonymous on 2013-11-07 14:30:28+00:00, last updated: 2013-11-07 14:32:08+00:00
Hi all
It would be very nice to be able to use the linux_auditd log format again, I noticed it has been added in 4cbd593, 148d16a, and then removed in 3dc7b7d, cbc501b. I've tried applying the changes in 4cbd593, 148d16a against a current version, but it seems like it's not really working. OSSEC builds just fine, but the changes don't seem to make a difference. Also, logcollector doesn't recognize the 'linux_auditd' format.
Note: This issue has been automatically migrated from Bitbucket Created by Anonymous on 2013-11-07 14:30:28+00:00, last updated: 2013-11-07 14:32:08+00:00