6Managing ProfiledApplicationsAfter creating profiles and immunizing your applications, openSUSE® becomes moreefficient and better protected if you perform Novell® AppArmor profile maintenance,which involves analyzing log files and refining your profiles as well as backing up yourset of profiles and keeping it up-to-date. You can deal with these issues before theybecome a problem by setting up event notification by e-mail, running periodic reports,updating profiles from system log entries by running the aa-logprof tool through YaST,and dealing with maintenance issues.6.1 Monitoring Your SecuredApplicationsApplications that are confined by Novell AppArmor security profiles generate messageswhen applications execute in unexpected ways or outside of their specified profile.These messages can be monitored by event notification, periodic report generation, orintegration into a third-party reporting mechanism.For reporting and alerting, AppArmor uses a userspace daemon(/usr/sbin/aa-eventd). This daemon monitors log traffic, sends out notifications,and runs scheduled reports. It does not require any end user configuration and it isstarted automatically as part of the security event notification through the YaST App-Armor Control Panel or by the configuration of scheduled reports in the YaST AppArmorReports module.Managing Profiled Applications 87