Alert for Audit log

Dear users,

I have SLES 11 and SLES 10 servers.

I'd like to receive an alert when audit log files reach a certain percentage of full.

  1. Is '/etc/audit/auditd.conf' the right file to modify?

  2. I'd like to receive an email alert. Can I specify my email in this parameter 'action_mail_acct = jpark@comp.xxxx.xxx'?

  3. I'd like to get notified when the log file reaches 90%. What parameter value should I change? And where is it?

Thank you,

Moderator comments were removed during original forum migration.