Hello all,
I've configured 'audit' service to send the audit logs to a remote log server (by using syslog plugin), which is working fine.
However, there is a problem. audit service also tries to write same information (but in binary format) in /var/audit path.
So, Is there anyway to stop audit service from storing the log files in /var partition and instead only use syslog to send the information to remote host ?
Thanks,