Quote:
Originally Posted by baf
For me simple LOG target is enough
|
I used to feed PSAD with ULOG target, back when I was on that project.
Now I want the entire packet to add specific rules for using parts of the Amazon network services while blocking others.
I.E: For the 'developer rule-set'.
For other uses, the LOG target is probably enough, will just have to do something about the place that syslog-ng is writing to (and where its configure file is at).
A neat challenge, what with the KUAL objective of never touching system image files.
Will probably end up with over-mounting that file or directory with something, maybe a tmpfs something. (then everything goes away on re-boot)