> > > Limiting of audit records is actually done in the kernel, and > currently the rate limit applies equally[1] to all records, there is > no ability to enforce limits per-key.
One question Paul, will it be ok, if we contribute something similar to the Auditd Kernel repository? -- Anurag Aggarwal
-- Linux-audit mailing list [email protected] https://listman.redhat.com/mailman/listinfo/linux-audit
