From 5cdd7342a8c6ea5adbb4eac3e8b6f94726ea55e6 Mon Sep 17 00:00:00 2001
From: Stephen O'Dwyer <67125983+angrieralien@users.noreply.github.com>
Date: Wed, 22 Mar 2023 09:35:45 -0400
Subject: [PATCH 1/2] removes ignore everything else audit rule

---
 sys-process/audit/files/rules.d/99-default.rules | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/sys-process/audit/files/rules.d/99-default.rules b/sys-process/audit/files/rules.d/99-default.rules
index cc373d84068..db3575fb33e 100644
--- a/sys-process/audit/files/rules.d/99-default.rules
+++ b/sys-process/audit/files/rules.d/99-default.rules
@@ -1,5 +1,2 @@
 # Always report changes to the audit subsystem itself.
--a exclude,never -F msgtype=CONFIG_CHANGE
-
-# Ignore everything else.
--a exclude,always -F msgtype>0
+-a exclude,never -F msgtype=CONFIG_CHANGE
\ No newline at end of file

From cfa0b18d16a824a9351197dc51417d488c210d10 Mon Sep 17 00:00:00 2001
From: Stephen O'Dwyer <67125983+angrieralien@users.noreply.github.com>
Date: Fri, 24 Mar 2023 08:15:10 -0400
Subject: [PATCH 2/2] adds new line to 99-default.rules

---
 sys-process/audit/files/rules.d/99-default.rules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys-process/audit/files/rules.d/99-default.rules b/sys-process/audit/files/rules.d/99-default.rules
index db3575fb33e..f67fa7364a5 100644
--- a/sys-process/audit/files/rules.d/99-default.rules
+++ b/sys-process/audit/files/rules.d/99-default.rules
@@ -1,2 +1,2 @@
 # Always report changes to the audit subsystem itself.
--a exclude,never -F msgtype=CONFIG_CHANGE
\ No newline at end of file
+-a exclude,never -F msgtype=CONFIG_CHANGE