On Tue, 21 Aug 2007, Eric Crist wrote:
thx this not working wite up buffer-pipe to 4096 bytes
Can I ask what is in the /etc/auditpipe file?
I believe what is meant is /dev/auditpipe, which provides a live event stream
from the kernel's audit subsystem in FreeBSD 6.2 and later. You can read more
about the event audit facility here:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/audit.html
The auditpipe(4) man page provides more detailed information on audit pipes,
which, unlike the trail files in /var/audit, provide live streams in a lossy
way, and allow applications to push filters into the kernel as to what events
they are interested in hearing about.
Robert N M Watson
Computer Laboratory
University of Cambridge
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
