Red Hat Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

  • Comments

    • How do I stop audit logs from going to /var/log/messages

    Posted on

    How do I stop audit logs from going to /var/log/messages

    Currently we have auditd turned on and events are getting sent to /var/log/messages as well as /var/log/audit/audit.log

    All our logs go to a central syslog server also...

    Having said that we would like to stop the auditd logs from going to "messages" but continue going to /var/log/audit/audit.log and continue being sent to our remote syslog server..

    I tried setting /etc/audisp/plugins.d/syslog.conf to "active = no" but that didn't do it.

    Can someone tell me how to accomplish this?

    • Jason

    by

    points

    Responses

    Red Hat LinkedIn YouTube Facebook X, formerly Twitter

    Quick Links

    Help

    Site Info

    Related Sites

    © 2025 Red Hat