Tag Archives: SELinux

SELinux audit reports script

No Comments

Those who use a SELinux enabled distribution – more specifically those who have set the SELinux security layer to enforcing mode – will most probably know about the auditd daemon (part of the audit package in Fedora Core). By default, all SELinux messages are recorded to the syslog, but when auditd is running, then all…

Continue reading

How to integrate seaudit-report in logwatch

No Comments

Today, I revised my logwatch configuration and I decided to use an external parser for the SELinux audits. Logwatch includes such a parser (/usr/share/logwatch/scripts/services/audit script), but i tend to prefer seaudit-report, part of the setools-gui package in Fedora. Don’t let the package name confuse you, seaudit-report is a CLI tool.