audit daemon 1.2.9 review
Downloadaudit package contains the user-space utilities for creating audit rules
|
|
audit package contains the user-space utilities for creating audit rules. As well as for storing and searching the audit records generate by the audit subsystem in the Linux 2.6 kernel.
Usage:
Examples usage of utilities:
General:
Window 1:
./auditd
Window 2 (you don't have to have the daemon running to try this, but
enabled has to be 1):
./auditctl -s
./auditctl -a entry,always -S open
ls
./auditctl -d entry,always -S open
Identity tracking:
./auditctl -a exit,always -S all -F loginuid=2000
./auditctl -L 2000,"test uid"
What's New in This Release:
Updates to aureport for new MAC events, new man pages, updated reconfigure code in the daemon, and many little bugfixes.
audit daemon 1.2.9 search tags