Selinux Logging And Reporting In CentOS 7

Home » CentOS » Selinux Logging And Reporting In CentOS 7
CentOS No Comments

Seems odd the stock logwatch polls for audit data in messages while the stock config has that data sent to /var/log/audit/audit.log? Not sure why that doesn’t have a distro specific override…

So on that premise, what are people using for reports on headless c7
instances without a gui? Anything better than logwatch worth investigating?

Thanks, jlc