logging: trace_logging: false statistics: report_period: 3h # set to -1 to disable send-all behaviour send_limit: 500 # these paths will be excluded by auditd suppress rules # absolute path entries will be added only when they matched by BASEDIR # relative entries like `logs` is searched with equivalence of `find /BASEDIR -name logs -depth 2` command auditd_exclude: - public_html/error_log - error_log # filter ordering is preserved and can affect performance greatly # filters are matched using strings.Contains method filters: drop: - /litespeed/ - /session/ - debug.log - error_log - error.log - /logs/ - /log/ - /tmp/#sql_ - /sess_ - /mail/