mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-14 23:43:56 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

report - Add Auditd information

Browse Source
This commit is contained in:
Stoppedpuma 2024-06-07 21:31:17 +02:00 committed by Alex
parent 491cb28f2a
commit 1eaf24c965
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/report.md
View File

@ -16,6 +16,16 @@ If this command produce nothing, try:
aa-log -s -R aa-log -s -R
``` ```
If the log file is empty, check that Auditd is running:
```sh
sudo systemctl status auditd.service
```
If Auditd is disabled aa-log will not have new results, you can enable Auditd by doing the following command:
```sh
sudo systemctl enable auditd.service --now
```
You can get more logs with: You can get more logs with:
1. `aa-log -R -s` that will provide all apparmor logs since boot time (if journalctl collect them) 1. `aa-log -R -s` that will provide all apparmor logs since boot time (if journalctl collect them)