auditdistd - audit trail file retntion

JB freebsdlists.admin at protonmail.com
Tue Sep 21 22:38:08 UTC 2021


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

> Date: Mon, 20 Sep 2021 11:07:34 -0400
> From: Dan Langille dan at langille.org
> To: "freebsd-questions at freebsd.org" freebsd-questions at freebsd.org
> Cc: Pawel Jakub Dawidek pjd at freebsd.org
> Subject: auditdistd - audit trail file retntion
> Hello,
> I am using auditdistd on FreeBSD 11.4 and 12.2 - I write about audit
> trail files retention.
> Is there an option to dispose of older logs in /var/audit/dist ?
>
> So far, it seems like a custom cronjob is in order. Something like:
>
> ??? /usr/bin/find /var/audit/dist -type f -mtime +7 -exec rm {} \;
>
> FYI: I have read up about auditd, /etc/security/audit_control, and the
> audit -e option. They do not apply to auditdistd.
>
> Thank you.
>
> Dan Langille - dan at langille.org
> https://langille.org/

Why not just use newsyslog to manage them for you? See newsyslog.conf(5) for details.

Sent with ProtonMail Secure Email.


More information about the freebsd-questions mailing list