[rsyslog-notify] Forum Thread: Re: Why are all my logs going to /var/log/audit/audit.log - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Thu Feb 25 01:41:22 CET 2016
User: dlang
Forumlink: http://kb.monitorware.com/viewtopic.php?p=26371#p26371
Message:
----------
when you say "everything is being sent to /var/log/audit/audit.log" do you
mean that there is a lot of stuff that goes there, or that stuff goes there
that doesn't go there if you start it manually?
what distro are you running?
if it's just a flood of audit messages, you could be running into this
problem <!-- m --><a class="postlink"
href="https://github.com/systemd/systemd/issues/959">https://github.com/systemd/systemd/issues/959</a><!--
m -->
you aren't showing us what is being included, and nothing in the config you
show specifies audit.log, so we would need to see the rest of the config to
figure out what's happening
More information about the rsyslog-notify
mailing list