What are the potential negatives of turning on process accounting (psacct package)? I am looking into turning on process accounting on some EL6 servers. What are the potential pitfalls of turning this on? If you miti...--prophetes.ai

What are the potential negatives of turning on process accounting (psacct package)? I am looking into turning on process accounting on some EL6 servers. What are the potential pitfalls of turning this on? If you mitigate storage requirements with log rotation, any reason you would not turned it on by default on all your servers?

The biggest negative is the potential extra load that it may introduce to a server. Now saying that it's typically enabled on CentOS and Fedora, and it's designed to consume as small a footprint as possible so that it can collect these types of detailed audits. So I would fully expect that it won't cause you any issues, assuming the logs are being handled properly, and you should feel comfortable enabling on your servers.

If you're truly paranoid, you could do a bit of a staggered rollout and try it on a few of your servers to see if there is any perceived impact on their performance. Try it for a few weeks like this. If there is no noticeable issues, then roll it out to the remainder.