Chapter 4. Managing Profiled Applications

Contents

4.1. Monitoring Your Secured Applications
4.2. Setting Up Event Notification
4.3. Reports
4.4. Reacting to Security Events
4.5. Maintaining Your Security Profiles

After creating profiles and immunizing your applications, SUSE Linux becomes more efficient and better protected if you perform Novell AppArmor profile maintenance, which involves tracking common issues and concerns. You can deal with common issues and concerns before they become a problem by setting up event notification by e-mail, running periodic reports, updating profiles from system log entries (which is essentially running the logprof tool through YaST), and dealing with maintenance issues. Instructions for performing each of these tasks are available:


4.1. Monitoring Your Secured Applications

Applications that are confined by Novell AppArmor security profiles generate messages when applications execute in unexpected ways or outside of their specified profile. These messages can be monitored by event notification, generating periodic reports, or integration into a third-party reporting mechanism. The following sections provide details for using these features and finding additional resources.