Audit Storage Capacity
Hi, all,
How do I calculate the values of num_logs and max_log_file in auditd.conf? Currently, num_logs is set to 4 and max_log_file is set to 5M. The logs are rotating too quickly.
Are there any guidelines on what the values and actions are in auditd.conf? I looked in the UNIX STIG, but I didn't find anything related to this.
Thanks,
Jaypas
|