Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
centos7:4:1:1 [2017/05/04 15:43]
Piotr Kłoczewski created
centos7:4:1:1 [2017/05/06 13:17] (current)
Line 1: Line 1:
 ====== 4.1.1 Configure Data Retention ====== ====== 4.1.1 Configure Data Retention ======
 +==== List of content ====
 +{{indexmenu>​.:​1#​3 |context}}
 +==== Description ====
 When auditing, it is important to carefully configure the storage requirements for audit logs. By default, auditd will max out the log files at 5MB and retain only 4 copies of them. Older versions will be deleted. It is possible on a system that the 20 MBs of audit logs may fill up the system causing loss of audit data. While the recommendations here provide guidance, check your site policy for audit storage requirements. When auditing, it is important to carefully configure the storage requirements for audit logs. By default, auditd will max out the log files at 5MB and retain only 4 copies of them. Older versions will be deleted. It is possible on a system that the 20 MBs of audit logs may fill up the system causing loss of audit data. While the recommendations here provide guidance, check your site policy for audit storage requirements.