AUDIT_SYSLOG_LEVEL 清疚 2023-10-05 08:46 62阅读 0赞 ## ## <table> <thead> <tr> <th style="text-align:left;"><span style="color:#222222;">属性</span></th> <th style="text-align:left;"><span style="color:#222222;">描述</span></th> </tr> </thead> <tbody> <tr> <td><span style="color:#222222;"><span style="color:#222222;"><strong>参数类型</strong></span></span></td> <td><span style="color:#222222;"><span style="color:#222222;">串</span></span></td> </tr> <tr> <td><span style="color:#222222;"><span style="color:#222222;"><strong>句法</strong></span></span></td> <td><span style="color:#222222;"><span style="color:#222222;"><code>AUDIT_SYSLOG_LEVEL = '</code><code><em>facility_clause</em></code><code>.</code><code><em>priority_clause</em></code><code>'</code></span></span></td> </tr> <tr> <td><span style="color:#222222;"><span style="color:#222222;"> </span></span></td> <td><span style="color:#222222;"><span style="color:#222222;"><strong>facility_clause :: =</strong></span></span> <p style="margin-left:0px;"><span style="color:#222222;"><span style="color:#222222;"><code>{ USER | LOCAL[0 | 1 | 2 | 3 | 4 | 5 | 6 | 7] | SYSLOG | DAEMON | KERN | MAIL | AUTH | LPR | NEWS | UUCP | CRON }</code></span></span></p> </td> </tr> <tr> <td><span style="color:#222222;"><span style="color:#222222;"> </span></span></td> <td><span style="color:#222222;"><span style="color:#222222;"><strong>priority_clause :: =</strong></span></span> <p style="margin-left:0px;"><span style="color:#222222;"><span style="color:#222222;"><code>{ NOTICE | INFO | DEBUG | WARNING | ERR | CRIT | ALERT | EMERG }</code></span></span></p> </td> </tr> <tr> <td><span style="color:#222222;"><span style="color:#222222;"><strong>默认值</strong></span></span></td> <td><span style="color:#222222;"><span style="color:#222222;">没有默认值。</span></span></td> </tr> <tr> <td><span style="color:#222222;"><span style="color:#222222;"><strong>可修改的</strong></span></span></td> <td><span style="color:#222222;"><span style="color:#222222;">没有</span></span></td> </tr> <tr> <td><span style="color:#222222;"><span style="color:#222222;"><strong>基本的</strong></span></span></td> <td><span style="color:#222222;"><span style="color:#222222;">没有</span></span></td> </tr> <tr> <td><span style="color:#222222;"><span style="color:#222222;"><strong>例子</strong></span></span></td> <td> <pre style="margin-left:0px;"><span style="color:#222222;"><span style="color:#222222;"><span style="color:#222222;">AUDIT_SYSLOG_LEVEL ='KERN.EMERG'; AUDIT_SYSLOG_LEVEL ='LOCAL1.WARNING'; </span></span></span></pre> </td> </tr> </tbody> </table> `AUDIT_SYSLOG_LEVEL`允许使用该实用程序将`SYS`标准`OS`审核记录写入系统审核日志`SYSLOG`。 如果使用此参数,则最好在中分配一个与设施和优先级的每个组合相对应的文件(尤其是`KERN.EMERG`)`syslog.conf`。有时,这些文件被分配为以默认`syslog.conf`文件的形式打印到控制台。这会变得很烦人,并且将无法用作审核日志。另外,如果使用此参数,则最好将系统中系统日志消息的最大长度设置为512字节。 如果`AUDIT_SYSLOG_LEVEL`设置为且`SYS`启用了审核(`AUDIT_SYS_OPERATIONS`= `TRUE`),则将`SYS`审核记录写入系统审核日志`AUDIT_SYSLOG_LEVEL`中;如果设置为且将标准审核记录发送至操作系统(`AUDIT_TRAIL`= `OS`),则将标准审核记录写入系统审核中日志。
还没有评论,来说两句吧...