From 581cef28ed24a018644d81ab46029e87c711f538 Mon Sep 17 00:00:00 2001
From: jewelnuruddin <jewel.nuruddin@fout.jp>
Date: Fri, 2 Mar 2018 11:45:59 +0900
Subject: [PATCH 1/2] improvement of using class auditd::audisp::syslog

---
 README.md                  | 2 ++
 manifests/audisp/plugin.pp | 2 +-
 manifests/audisp/syslog.pp | 4 +++-
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 9c73f1d..0f11f18 100644
--- a/README.md
+++ b/README.md
@@ -215,6 +215,8 @@ You can change the `args` for this plugin:
 ```puppet
 include '::auditd'
 class { '::auditd::audisp::syslog':
+  # Default value is false, which will keep remain disabled logging to syslog even though you call class '::auditd::audisp::syslog'
+  active => true,
   # LOG_INFO is actually the default...
   args => 'LOG_INFO',
 }
diff --git a/manifests/audisp/plugin.pp b/manifests/audisp/plugin.pp
index d7d4b25..8176d54 100644
--- a/manifests/audisp/plugin.pp
+++ b/manifests/audisp/plugin.pp
@@ -1,5 +1,5 @@
 define auditd::audisp::plugin (
-  $active    = true,
+  $active    = false,
   $direction = 'out',
   $path      = undef,
   $type      = 'always',
diff --git a/manifests/audisp/syslog.pp b/manifests/audisp/syslog.pp
index 87fd7ab..a7ee544 100644
--- a/manifests/audisp/syslog.pp
+++ b/manifests/audisp/syslog.pp
@@ -1,11 +1,13 @@
 class auditd::audisp::syslog (
-  $args = 'LOG_INFO',
+  $active = flase,
+  $args   = 'LOG_INFO',
 
 ) {
 
   auditd::audisp::plugin { 'syslog':
     path    => 'builtin_syslog',
     type    => 'builtin',
+    active  => $active,
     args    => $args,
     require => Package['auditd'],
   }

From 52abb6259283efafb5f8e55dc43afdbbbd4773b4 Mon Sep 17 00:00:00 2001
From: jewelnuruddin <jewel.nuruddin@fout.jp>
Date: Fri, 2 Mar 2018 11:48:54 +0900
Subject: [PATCH 2/2] adjust alignment

---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 0f11f18..ccabcf5 100644
--- a/README.md
+++ b/README.md
@@ -215,10 +215,11 @@ You can change the `args` for this plugin:
 ```puppet
 include '::auditd'
 class { '::auditd::audisp::syslog':
-  # Default value is false, which will keep remain disabled logging to syslog even though you call class '::auditd::audisp::syslog'
+  # Default value is false, which will keep remain disabled logging 
+  # to syslog even though you call class '::auditd::audisp::syslog'
   active => true,
   # LOG_INFO is actually the default...
-  args => 'LOG_INFO',
+  args   => 'LOG_INFO',
 }
 ```