| Dir : /usr/share/audit/sample-rules/ |
| Server: Linux server1.ngambekcore.com 4.18.0-553.51.1.el8_10.x86_64 #1 SMP Wed Apr 30 04:00:07 EDT 2025 x86_64 IP: 159.198.77.92 |
| Dir : //usr/share/audit/sample-rules/20-dont-audit.rules |
## This is for don't audit rules. We put these early because audit ### is a first match wins system. Uncomment the rules you want. ## Cron jobs fill the logs with stuff we normally don't want #-a never,user -F subj_type=crond_t ## This prevents chrony from overwhelming the logs #-a never,exit -F arch=x86_64 -S adjtimex -F auid=unset -F uid=chrony -F subj_type=chronyd_t ### This is not very interesting and wastes a lot of space if ### the server is public facing #-a always,exclude -F msgtype=CRYPTO_KEY_USER