1

I would like to redirect the auditd log data into rsyslog instead of audit.log file.

I see that by default in the "/etc/audit/auditd.conf" the following line has been included to redirect it to

log_file = /var/log/audit/audit.log

Is it possible to redirect the Audit log to syslog or rsyslog on the same machine?

NOTE: I don't have any external log server at this point and would like to test this on the same instance of an RHEL Server where my application is running.

Any assistance is greatly appreciated.

NOTE: My rsyslog server and auditd logs are on the same server instance. RHEL-7 --> 3.10.0-862.el7.x86_64. Thank you.

anish anil

1 Answer

-1

You can use the audisp plugin - syslog.

path - /etc/audisp/plugins.d/syslog.conf

pushkin
cryptoparty
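
How the plugin file named in the answer is switched on, as an added example that is not part of the original answer: a shell function that sets `active = yes` and the `args` line, run here on a constructed copy of the stock file. The function names, the `LOG_LOCAL6` facility, the rsyslog drop-in name and the output log path are assumptions.

```shell
#!/bin/sh
# Added example (not from the original answer).
# enable_audisp_syslog FILE [PRIORITY] [FACILITY]
# Sets "active = yes" and rewrites "args" in an audisp plugin config file.
enable_audisp_syslog() {
    conf=$1
    prio=${2:-LOG_INFO}
    fac=${3:-}
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 1; }
    case $prio in
        LOG_DEBUG|LOG_INFO|LOG_NOTICE|LOG_WARNING|LOG_ERR|LOG_CRIT|LOG_ALERT|LOG_EMERG) ;;
        *) echo "unknown syslog priority: $prio" >&2; return 2 ;;
    esac
    case $fac in
        ''|LOG_LOCAL[0-7]) ;;
        *) echo "facility must be LOG_LOCAL0..LOG_LOCAL7" >&2; return 2 ;;
    esac
    args=$prio${fac:+ $fac}
    tmp=$(mktemp) || return 1
    # Write back with cat so the file keeps its owner, mode and SELinux label.
    sed -e 's/^[[:space:]]*active[[:space:]]*=.*/active = yes/' \
        -e "s/^[[:space:]]*args[[:space:]]*=.*/args = $args/" \
        "$conf" > "$tmp" && cat "$tmp" > "$conf"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Constructed sample mirroring the stock plugin file (disabled by default).
write_sample_conf() {
    cat > "$1" <<'EOF'
active = no
direction = out
path = builtin_syslog
type = builtin
args = LOG_INFO
format = string
EOF
}

demo=$(mktemp -d)
write_sample_conf "$demo/syslog.conf"
enable_audisp_syslog "$demo/syslog.conf" LOG_INFO LOG_LOCAL6
cat "$demo/syslog.conf"
rm -rf "$demo"

# On the real host, as root (rsyslog file names below are assumptions):
#   enable_audisp_syslog /etc/audisp/plugins.d/syslog.conf LOG_INFO LOG_LOCAL6
#   service auditd restart   # RHEL 7 auditd refuses "systemctl restart"
#   echo 'local6.* /var/log/audit-syslog.log' > /etc/rsyslog.d/audit.conf
#   systemctl restart rsyslog
```

Enabling the plugin adds a syslog copy of each event; auditd keeps writing `/var/log/audit/audit.log` unless that is changed separately in `auditd.conf`.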