search

kemra102 / puppet-auditd

Manage the audit daemon and it's rules.
BSD 2-Clause "Simplified" License
14 stars 54 forks source link

improvement of using class "auditd::audisp::syslog" #39

Closed jewelnuruddin closed 6 years ago

jewelnuruddin commented 6 years ago

I uderstand that if someone want to enable syslog for auditd then calling class auditd::audisp::syslog will make active = true as this is hard coded define in https://github.com/kemra102/puppet-auditd/blob/master/manifests/audisp/plugin.pp#L2

Here my opinion or I feel comfortable to make this default value false and pass this variable throw

class auditd::audisp::syslog (
             $active    = true,
             $args      = 'LOG_INFO',
}

I mean control parameter values from top level

So why this is coming into my mind? Because enabling auidt log into syslog might be causing the system overhead. So make sure if someone really want to enable this.

kemra102 commented 6 years ago

Closing this as it duplicates the related pull request #40