Hi,
I'm evaluating filebeat and auditbeat (plus the contributed journalbeat) as log shippers for our environment. I had a look at the EL packages supplied by Elasticsearch and noticed that a suitable SELinux policy was missing.
I've rolled my own for now, is there interest in supplying a policy in the RPMs? I'd be willing to share what I came up with so far.
Kind regards,
Robert