Community
Splunk Answers
Splunk Administration
Deployment Architecture
Getting Data In
Installation
Security
Knowledge Management
Monitoring Splunk
Using Splunk
Splunk Search
Dashboards & Visualizations
Splunk Dev
Alerting
Reporting
Other Usage
Splunk Platform Products
Splunk Enterprise
Splunk Cloud Platform
Splunk Data Stream Processor
Splunk Data Fabric Search
Splunk Premium Solutions
News & Education
Blog & Announcements
Community Blog
Product News & Announcements
Practitioner Resources
Adoption Boards
Community Office Hours
Splunk Tech Talks
Great Resilience Quest
Training & Certification
Training + Certification Discussions
Training & Certification Blog
Community Lounge
Getting Started
Welcome
Feedback
SplunkTrust
User Groups
Splunk Love
Apps and Add-ons
All Apps and Add-ons
User Groups
Resources
SplunkBase
Developers
Documentation
Splunk Ideas
Sign In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
All community
Knowledge base
pbunts
Users
Products
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
Ask a Question
About pbunts
pbunts
Engager
Member since:
01-10-2013
06-05-2020
Community Statistics
Posts
1
Solutions
0
Karma Given
0
Karma Received
16
Member Since
01-10-2013
View all badges
Activity Feed
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
10-12-2023
11:46 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
08-11-2023
04:42 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
04-01-2023
01:00 PM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
12-02-2020
02:03 PM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Got Karma for
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
.
06-05-2020
12:47 AM
Posted
Re: Linux Auditd: What is the best way to make /var/log/audit/audit.log accessible to a non-root Splunk forwarder?
on
All Apps and Add-ons
.
01-13-2016
10:56 AM
Topics I've Started
No posts to display.
View All
Latest Contributions by pbunts
Topics pbunts has Participated In
Latest Contributions by pbunts
Re: Linux Auditd: What is the best way to make /va...
by
pbunts
in
All Apps and Add-ons
01-13-2016
10:56 AM
16 Karma
01-13-2016
10:56 AM
16 Karma
modify /etc/audit/auditd.conf and change log_group from root to splunk. restart auditd and now /var/log/audit.log will have group read and be set to the splunk group.
... View more
Contact Me
Online Status
Offline
Date Last Visited
06-05-2020
02:04 AM
Karma from
User
Karma Count
makelovenotwar
1
gphiz
1
HeavyHats
1
shwu
1
stoomart
1
View All