Failed to open syslog writer on LXC

slackhq / go-audit

go-audit is an alternative to the auditd daemon that ships with many distros

MIT License

1.56k stars 162 forks source link

Failed to open syslog writer on LXC #123

Open liberodark opened 2 weeks ago

liberodark commented 2 weeks ago

Hi,

Have issue on Debian 12 with go-audit 1.2.0

go-audit -config /etc/go-audit/go-audit.yaml 
Failed to open syslog writer. Error: dial unix /var/run/go-audit.sock: connect: no such file or directory

Best Regards

wadey commented 1 week ago

What is in your config under the output section? It looks like you enabled syslog output but pointed it at a socket that doesn't exist. Either point it at an existing socket, or use file output instead.