SELinux writes a lot to /var/log/messages
I have a little issue with a Splunk server I have. It seems that SELinux writes a lot of events to /var/log/messages (~100MB a day) and the log rotate process fails (the log is not deleted; we have to do so manually when the disk is full). What can be the reason for this? Can I stop SELinux from writing to /var/log/messages?
All those messages are just file access audit; nothing really seems to be an AVC denial....
Technical details: RHEL 7.6 server, Splunk 8.2.4 search head
Thanks Tankwell
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
