xoxys.auditd/templates/etc/audit/auditd.conf.j2
2022-09-23 23:03:22 +02:00

39 lines
1.0 KiB
Django/Jinja

#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
local_events = yes
write_logs = yes
log_file = /var/log/audit/audit.log
log_group = root
log_format = ENRICHED
flush = INCREMENTAL_ASYNC
freq = 50
max_log_file = {{ auditd_max_log_file }}
num_logs = {{ auditd_num_logs }}
priority_boost = 4
name_format = NONE
##name = mydomain
max_log_file_action = {{ auditd_max_log_file_action }}
space_left = 75
space_left_action = {{ auditd_space_left_action }}
verify_email = yes
action_mail_acct = {{ auditd_action_mail_acct }}
admin_space_left = 50
admin_space_left_action = {{ auditd_admin_space_left_action }}
disk_full_action = SUSPEND
disk_error_action = SUSPEND
use_libwrap = yes
##tcp_listen_port = 60
tcp_listen_queue = 5
tcp_max_per_addr = 1
##tcp_client_ports = 1024-65535
tcp_client_max_idle = 0
transport = TCP
krb5_principal = auditd
##krb5_key_file = /etc/audit/audit.key
distribute_network = no
q_depth = 1200
overflow_action = SYSLOG
max_restarts = 10
plugin_dir = /etc/audit/plugins.d
end_of_event_timeout = 2