Some more info in the readme about outputs

alanhlam · Dec 2, 2016 · ece314e · ece314e
1 parent dfa60c3
commit ece314e
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 17 deletions.
diff --git a/README.md b/README.md
@@ -15,7 +15,7 @@ I became interested in creating a replacement for the existing daemon.
 * Safe : Written in a modern language that is type safe and performant
 * Fast : Never ever ever ever block if we can avoid it
 * Outputs json : Yay
-* Pluggable pipelines : Reports to syslog by default, but easily extended
+* Pluggable pipelines : Can write to syslog, local file, or stdout. Additional outputs are easily written. 
 * Connects to the linux kernel via netlink (info [here](https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/kernel/audit.c?id=refs/tags/v3.14.56) and [here](https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/include/uapi/linux/audit.h?h=linux-3.14.y))
 
 ## Usage

diff --git a/go-audit.yaml.example b/go-audit.yaml.example
@@ -26,13 +26,19 @@ message_tracking:
 # Configure where to output audit events
 # Only 1 output can be active at a given time
 output:
-  # Writes logs to syslog
-  syslog:
+  # Writes to stdout
+  # All program status logging will be moved to stderr
+  stdout:
     enabled: true
 
-    # Total number of attempts to send a message before considering the syslog server gone
+    # Total number of attempts to write a line before considering giving up
     # If a write fails go-audit will sleep for 1 second before retrying
-    # default is 3
+    # Default is 3
+    attempts: 2
+
+  # Writes logs to syslog
+  syslog:
+    enabled: false
     attempts: 5
 
     # Configure the type of socket this should be, default is unixgram
@@ -54,9 +60,6 @@ output:
   # Appends logs to a file
   file:
     enabled: false
-
-    # Total number of attempts to write a line before considering giving up
-    # If a write fails go-audit will sleep for 1 second before retrying
     attempts: 2
 
     # Path of the file to write lines to
@@ -70,15 +73,6 @@ output:
     user: nobody
     group: nogroup
 
-  # Writes to stdout
-  # All program status logging will be moved to stderr
-  stdout:
-    enabled: true
-
-    # Total number of attempts to write a line before considering giving up
-    # If a write fails go-audit will sleep for 1 second before retrying
-    attempts: 2
-
 # Configure logging, only stdout and stderr are used.
 log:
   # Gives you a bit of control over log line prefixes. Default is 0 - nothing.