audit_set_failure sets the action that the kernel will perform when
the backlog limit is reached or when it encounters an error and
cannot proceed. Possible values are:
0 - AUDIT_FAIL_SILENT
Do nothing, report nothing, skip logging the record and
1 - AUDIT_FAIL_PRINTK [default]
Log the audit record using printk which will cause subsequent
events to get written to syslog.
2 - AUDIT_FAIL_PANIC
Call the panic function. This would be used to prevent use of
the machine upon loss of audit events.
This page is part of the audit (Linux Audit) project. Information
about the project can be found at
⟨http://people.redhat.com/sgrubb/audit/⟩. If you have a bug report
for this manual page, send it to email@example.com. This page
was obtained from the project's upstream Git repository
⟨https://github.com/linux-audit/audit-userspace.git⟩ on 2017-03-13.
If you discover any rendering problems in this HTML version of the
page, or you believe there is a better or more up-to-date source for
the page, or you have corrections or improvements to the information
in this COLOPHON (which is not part of the original manual page),
send a mail to firstname.lastname@example.org
Red Hat June 2015 AUDIT_SET_FAILURE(3)