39 lines
1.0 KiB
Django/Jinja
39 lines
1.0 KiB
Django/Jinja
#jinja2: lstrip_blocks: True
|
|
{{ ansible_managed | comment }}
|
|
local_events = yes
|
|
write_logs = yes
|
|
log_file = /var/log/audit/audit.log
|
|
log_group = root
|
|
log_format = ENRICHED
|
|
flush = INCREMENTAL_ASYNC
|
|
freq = 50
|
|
max_log_file = {{ auditd_max_log_file }}
|
|
num_logs = {{ auditd_num_logs }}
|
|
priority_boost = 4
|
|
name_format = NONE
|
|
##name = mydomain
|
|
max_log_file_action = {{ auditd_max_log_file_action }}
|
|
space_left = 75
|
|
space_left_action = {{ auditd_space_left_action }}
|
|
verify_email = yes
|
|
action_mail_acct = {{ auditd_action_mail_acct }}
|
|
admin_space_left = 50
|
|
admin_space_left_action = {{ auditd_admin_space_left_action }}
|
|
disk_full_action = SUSPEND
|
|
disk_error_action = SUSPEND
|
|
use_libwrap = yes
|
|
##tcp_listen_port = 60
|
|
tcp_listen_queue = 5
|
|
tcp_max_per_addr = 1
|
|
##tcp_client_ports = 1024-65535
|
|
tcp_client_max_idle = 0
|
|
transport = TCP
|
|
krb5_principal = auditd
|
|
##krb5_key_file = /etc/audit/audit.key
|
|
distribute_network = no
|
|
q_depth = 1200
|
|
overflow_action = SYSLOG
|
|
max_restarts = 10
|
|
plugin_dir = /etc/audit/plugins.d
|
|
end_of_event_timeout = 2
|