Systemd uses an improved syslog implementation called 'the journal'. It replaces the traditional syslog daemon, but syslog (or syslog-ng) can run next to the journal. Rkhunter does currently not support detection of the systemd journal. Instead it warns about a not running syslog daemon.
Please add support for systemd's journal.
Log in to post a comment.