Bug 156078

Summary: system-logviewer should be aware of SELinux audit logs
Product: [Fedora] Fedora Reporter: James Laska <jlaska>
Component: system-logviewerAssignee: Chris Lumens <clumens>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: jturner, sgrubb
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-09-23 17:15:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description James Laska 2005-04-27 12:38:14 UTC 
# system-logviewer-0.9.14-1

The following patch against system-logviewer-0.9.14-1 adds support for viewing
SELinux audit/audit.log files.  I'm not entirely sure about how we would want to
label the relevant text sections, so I've cc'd dwalsh.

--- /usr/share/system-logviewer/LogViewerGui.py 2005-04-27 08:28:45.000000000 -0400
+++ /tmp/LogViewerGui.py    2005-04-27 08:28:43.000000000 -0400
@@ -90,6 +90,7 @@
 stringDict["FTPLOG"] = [_("FTP Log"),_("This log file contains messages from
the FTP Server.")]
 stringDict["XFREE86LOG"] = [_("XFree86 Log"),_("This log file contains messages
from the XFree86 server.")]
 stringDict["XORGLOG"] = [_("X.Org X11 Log"),_("This log file contains messages
from the X.Org X11 server.")]
+stringDict["AUDITLOG"] = [_("SELinux Audit Log"),_("This log file contains
audit messages from SELinux.")]

 ##---------------------------------------------------------------

--- /etc/sysconfig/system-logviewer 2005-04-27 08:29:51.000000000 -0400
+++ /tmp/system-logviewer   2005-04-27 08:24:31.000000000 -0400
@@ -23,6 +23,7 @@
 FTPLOG=/var/log/vsftpd.log
 XFREE86LOG=/var/log/XFree86.0.log
 XORGLOG=/var/log/Xorg.0.log
+AUDITLOG=/var/log/audit/audit.log

 # How often to refresh messages, in seconds
 # If set below 30 seconds, it defaults to 30 seconds
Comment 1 Daniel Walsh 2005-04-27 14:17:31 UTC 
One correction this is not the SELinux audit log.  It is the auditd log with or
without SELinux.

+stringDict["AUDITLOG"] = [_("Audit Log"),_("This log file contains
audit messages from the kernel collected by the audit daemon.")]

steve grubb is in charge.
Comment 4 Chris Lumens 2005-09-23 17:15:29 UTC 
Removing from FC5 blocker and closing as WONTFIX based on s-logviewer being
moved out of Core.