NAME

       tomoyo-auditd - access request log recording daemon for TOMOYO Linux

SYNOPSIS

       tomoyo-auditd

       tomoyo-auditd [remote_ip:remote_port]

DESCRIPTION

       This program reads access request logs from the kernel and writes to the locations
       specified in the configuration file. By running this program at startup, access request
       logs for either all domains or selected domains can be stored.

       The format of the stored logs is similar to domain policy, so they can be used to help
       develop policy.

       Configure this daemon in /etc/tomoyo/tools/auditd.conf. If an access request matches a
       rule, it will be written to the specified log file. This can be used to split access
       request logs into multiple files. Only the first matching rule is used, so any single
       access request log will be written to a maximum of one output file. If an access request
       log does not match any rules, it will be discarded.

       Start this program from an appropriate stage during startup (e.g. /etc/rc.local).

OPTIONS

       remote_ip:remote_port
           Retrieve access request logs from a remote system via an agent, connecting to the
           specified IP address and port number.

BUGS

       If you find any bugs, send an email to <tomoyo-users-en@lists.sourceforge.jp>.

AUTHORS

       Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
           Main author.

       Jamie Nguyen <jamie@tomoyolinux.co.uk>
           Documentation and website.

SEE ALSO

       tomoyo-editpolicy-agent(8)

       See <http://tomoyo.sourceforge.jp> for more information.