1AUDISP-STATSD(8) System Administration Utilities AUDISP-STATSD(8)
2
6 audisp-statsd - plugin to push audit metrics to a statsd service
7
9 audisp-statsd [ OPTIONS ]
10
12 audisp-statsd is a plugin for the audit event dispatcher that pushes
13 various audit metrics to a statsd service using UDP. Currently it col‐
14 lects the following metrics as gauges:
15 backlog
17 number of kernel events pending transfer to user space
18 lost number of kernel events dropped
20 free_space
22 how much disk free space auditd sees in MB
23 plugin_current_depth
25 number of events in auditd pending transfer to plugins
26 plugin_max_depth
28 historical maximum number of events backlogged while
29 pending transfer to plugins
30 as counters:
31 events_total_count
33 total number of events seen during interval
34 events_total_failed
36 total number of events seen during interval with failed
37 outcome
38 events_avc_count
40 total number of AVC events seen during interval
41 events_fanotify_count
43 total number of FANOTIFY events seen during interval
44 events_logins_success
46 total number of successful login events seen during in‐
47 terval
48 events_logins_failed
50 total number of failed login events seen during interval
51 events_anamoly_count
53 total number of anamoly events seen during interval
54 events_response_count
56 total number of anamoly response events seen during in‐
57 terval
58
61 /etc/audit/audisp-statsd.conf /etc/audit/plugins/au-statsd.conf
62
64 auditd.conf(8), auditd-plugins(5).
65
67 Steve Grubb
68Red Hat February 2021 AUDISP-STATSD(8)