This subordinate charm installs and configures auditd.
This subordinate charm installs and configures the auditd package.
The charm can be related to the nrpe or nrpe-external-master charm for a simple check to verify data
is coming to the log.
The charm layer source.
The charm relates with any principal charm using juju-info interface.
First deploy this charm, then relate it.
juju deploy auditd juju add-relation primary-charm auditd
A base configuration is included, additional_rules can be specified via the additional_rules
configuration option or through the audit relation interface.
The audit relation needs more testing and possibly a interface layer to facilitate its use.
The auditd daemon requires special permissions and will not run in an unprivileged container.
- Auditd - http://people.redhat.com/sgrubb/audit/
- Ubuntu package - http://packages.ubuntu.com/xenial/auditd
- (string) YAML list of additional auditd rules to add. For example: - "-w /etc/adduser.conf -p wa -k CFG_adduser" - "-w /srv/www/index.html -p wa -k CFG_www"
- (string) Log file
- (int) Max log size in MB before rotating
- (string) Used by the nrpe-external-master subordinate charm. A string that will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: juju-postgresql-0 If you're running multiple environments with the same services in them this allows you to differentiate between them.
- (int) The number of rotated logs to keep
- (boolean) If true will log to the syslog as well as to /var/log/audit/audit.log