Comments (6)
nbrownus
commented on June 26, 2024
/dev/log is a datagram socket and I don't recommend using it for this. There is a way to setup rsyslog to use a stream socket which is much better suited to go-audit message sizes.
from go-audit.
nbommu1
commented on June 26, 2024
thanks a lot,
trying with these options.
network: udp
address: localhost:514
from go-audit.
nbommu1
commented on June 26, 2024
unfortunatly died again with the same error message, cleared up error log and started, will get more info on next failure.
from go-audit.
nbrownus
commented on June 26, 2024
That would be because you are still using a datagram transport mode. If you use tcp or a unix domain socket in stream mode you will remove the transit size limit.
from go-audit.
nbommu1
commented on June 26, 2024
Thanks, I have turned on TCP reception on that server and update go-audit.yaml, things are looks good so far.
network: tcp
address: localhost:514
from go-audit.
nbommu1
commented on June 26, 2024
we have minimised logging on that server, so far things looks good.
from go-audit.
Related Issues (20)
- How to filter to command run in local0 to 7
- Reverse Function for Filters
- Backend: go-audit events are not put into the streamstash index HOT 2
- Cannot build goaudit, audit.go:226: undefined: user.LookupGroup HOT 1
- Pre-compiled version? HOT 3
- Replacing auditd with go-audit HOT 1
- wrong app name in syslogs HOT 1
- extras.go does not support disabled container auditing HOT 3
- LXD support
- Migrate away from govendor to go modules
- Migrate from "syscall" to "golang.org/x/sys/unix"
- Consider using code generation (ex: easyjson) for JSON models
- no tags/releases HOT 3
- go-audit relies on github.com/capsule8/capsule8, which was deleted or made private HOT 1
- "type":1305 AUDIT_CONFIG_CHANGE log noise HOT 2
- Do we need to implement logrotate for the go-audit.log file?
- Publish debian packages
- Process dies and go-audit stops logging HOT 2
- Enhance request for ECS compatible go-audit output
- When go-audit and linux auditd are started at the same time, go-audit cannot obtain any data. HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go-audit.