I'm considering turning on some fairly severe auditing. In addition to the usual suspects, the following are under consideration:
1. All opens for write 2. All execs 3. All incoming and outgoing network connections Has anybody tried the above on: * An idle system * A system running a moderately busy Oracle RAC node * A system running WebLogic If so, I'd be interested in what sort of volume of data we're talking about. I'd also be interested in any potted recipes for achieving (3) above that anybody might have ;) Thanks, Matt -- Red Hat, Global Professional Services M: +44 (0)7977 267231 GPG ID: D33C3490 GPG FPR: 3733 612D 2D05 5458 8A8A 1600 3441 EA19 D33C 3490
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
