Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Ive got a log file with AVC messages in it, can setroubleshoot analyze it for me?

analyze AVC file GOT log Messages setroubleshoot
0
Posted

Ive got a log file with AVC messages in it, can setroubleshoot analyze it for me?

0 CommentsAdd a Comment

1 Answer

0

Yes. By default setroubleshoot listens for AVC messages arriving from the audit subsystem and then feeds those AVC messages into its analysis engine. However setroubleshoot can also open a log file containing AVC messages, parse those AVC messages and feed them into its analysis engine just as if they had arrived from the audit subsystem. To analyze a log file go to the File menu and select “Scan logfile…”. This will open a file chooser dialog which will allow you to pick a file to analyze. The file is opened by the sealert process which runs with your permissions, not root permissions. Therefore any file you wish to analyze must be readable by you. Some system log file are not world readable. If this is the case then your best option is to copy the file as root to a temporary location and make it readable. As the analysis engine runs on the log file it builds an alert database (e.g. post processed). The most significant effect is to collapse recurring problems into single alerts wit

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.