Well, it is just the audit.log, so any tool that could collect the
audit.log would collect the SELinux logs.
You might want to look at
http://linux.die.net/man/5/audisp-remote.conf
which I believe can be set up to remote the logs.
On 09/16/2014 05:28 AM, Maurizio Pagani wrote:
Hi everybody.
I'll want to configure SELinux on 1000+ systems, but I need to know if
there is a method or product that collects all SELinux logs and
creates a mirror of what is happening in the systems.
An example is Snorby for Suricata or Snort (IDS/IPS):
http://www.rivy.org/wp-content/uploads/2013/03/snorby-screenshot.png
Let me know.
Thanks in advance.
Maurizio Pagani
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
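
An added illustration, not part of either message in this thread: SELinux denials are the `type=AVC` records in audit.log, so once records from many hosts reach a central collector, a short script can summarize them per policy type. The sample records are constructed, and the `node=` host prefix on each record is an assumption about how the forwarding hosts are configured.

```python
import re

# Constructed sample records (not from the thread). Assumption: each record
# carries a node=<host> prefix identifying the system that produced it.
SAMPLE_LOG = """\
node=web01 type=AVC msg=audit(1410859680.123:456): avc:  denied  { read } for  pid=1234 comm="httpd" name="index.html" dev="dm-0" ino=12345 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
node=web01 type=SYSCALL msg=audit(1410859680.123:456): arch=c000003e syscall=2 success=no exit=-13 comm="httpd" exe="/usr/sbin/httpd"
node=web02 type=AVC msg=audit(1410859691.004:789): avc:  denied  { read open } for  pid=2210 comm="httpd" path="/home/u/site/a.html" dev="dm-0" ino=777 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
node=db01 type=AVC msg=audit(1410859702.550:101): avc:  denied  { name_bind } for  pid=900 comm="mysqld" src=3307 scontext=system_u:system_r:mysqld_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket
node=db01 type=USER_LOGIN msg=audit(1410859703.000:102): pid=950 uid=0 auid=1000 msg='op=login acct="admin" res=success'
"""

AVC_RE = re.compile(
    r'^(?:node=(?P<node>\S+) )?type=AVC msg=audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\): '
    r'avc:\s+(?P<result>denied|granted)\s+\{ (?P<perms>[^}]*)\} for\s+(?P<rest>.*)$'
)
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict for an AVC record, or None for any other record type."""
    m = AVC_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["perms"] = rec["perms"].split()
    # Remaining key=value pairs: pid, comm, scontext, tcontext, tclass, ...
    rec.update({k: v.strip('"') for k, v in KV_RE.findall(rec.pop("rest"))})
    return rec

def selinux_type(context):
    """Extract the type field from a user:role:type:level context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else context

def summarize(lines):
    """Group denials by (source type, target type, class) across hosts."""
    summary = {}
    for line in lines:
        rec = parse_avc(line)
        if not rec or rec["result"] != "denied":
            continue
        key = (selinux_type(rec["scontext"]), selinux_type(rec["tcontext"]), rec["tclass"])
        entry = summary.setdefault(key, {"count": 0, "hosts": set(), "perms": set()})
        entry["count"] += 1
        entry["hosts"].add(rec["node"] or "localhost")
        entry["perms"].update(rec["perms"])
    return summary

if __name__ == "__main__":
    for key, entry in summarize(SAMPLE_LOG.splitlines()).items():
        print(key, entry["count"], sorted(entry["hosts"]), sorted(entry["perms"]))
```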