Provided by: tomoyo-tools_2.4.0-20111025-3_amd64 bug

NAME

       tomoyo-auditd - access request logs recording daemon for TOMOYO Linux

SYNOPSIS

       tomoyo-auditd

       tomoyo-auditd <remote_ip:remote_port>

DESCRIPTION

       This  program  reads  access  request  logs  from the kernel and writes to the location(s)
       specified in the configuration file. By running this program at  startup,  access  request
       logs for all or selected domains can be stored to aid in system administration.

       The  format  of  these  logs is similar to domain policy so they can be used to aid in the
       development of policy.

       The writing of these logs is controlled by rules defined in /etc/tomoyo/tools/auditd.conf.
       If  an  access  request log matches a rule, then it will be written to the specified file.
       This can be used to split access request logs into multiple files to  make  administration
       easier.  Only  the  first  matching rule is used, so any single access request log will be
       written to a maximum of one output file. If the access request  log  does  not  match  any
       rules, it will be discarded.

OPTIONS

       <remote_ip:remote_port>
           Retrieve  access  request  logs via an agent connected to the specified IP address and
           port number.

EXAMPLES

       Discard all granted logs:
       header.contains granted=yes
       destination /dev/null

       Write   access   request   logs   from   Apache   and   its    descendent    domains    to
       /var/log/tomoyo/apache.log :
       domain.starts <kernel> /usr/sbin/httpd
       destination /var/log/tomoyo/apache.log

NOTES

       This  program  should be started from the appropriate stage during startup, for example in
       /etc/rc.local.

BUGS

       If there are any bugs, send an email with as much  detail  as  possible  to  tomoyo-users-
       en@lists.sourceforge.jp

AUTHORS

       Main authors:

       ·   Tetsuo Handa <penguin-kernel AT I-love.SAKURA.ne.jp>

       Other contributers:

       ·   Jamie Nguyen <jamie AT tomoyolinux.co.uk>

           Man pages, documentation and website.

SEE ALSO

       tomoyo-editpolicy-agent(8)

       See http://tomoyo.sourceforge.jp/ for more information.