abuhaneef
asked on
Audit Log Retention for One Year
What changes should I make to the auditd.conf in order to retain audit logs for one year? System is Centos 6.2. Should I change the "max_log_file = SIZE"? What about "max_log_file_action = keep_logs"? Does this keep logs indefinitely?
ASKER
There is no tape drive or external storage device available. Review of logs may become necessary in case of security breach, system malfunction, etc.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This is not my field so this link may not be useful, but consider https://www.experts-exchange.com/questions/27654713/TSM-Client-retention-backups-for-1-year-retention.html.