Confining Beats (aka SELinux policy for beats on EL)


(Fuero0) #1

Hi,

I'm evaluating filebeat and auditbeat (plus the contributed journalbeat) as log shippers for our environment. I had a look at the EL packages supplied by Elasticsearch and noticed that a suitable SELinux policy was missing.

I've rolled my own for now, is there interest in supplying a policy in the RPMs? I'd be willing to share what I came up with so far.

Kind regards,
Robert


(Noémi Ványi) #2

Great news! Could you please open a PR with the policies for Filebeat and Auditbeat?

This let's us evaluate the policy.


(Fuero0) #3

Done


(Noémi Ványi) #4

Thanks!


(system) #5

This topic was automatically closed after 21 days. New replies are no longer allowed.