Tags: auditd


Learn how to customize auditd to monitor whatever you want.

Customized File Monitoring with Auditd

In the previous article on auditd, I showed how to use aureport to check stuff monitored by the auditd daemon. And, I showed how you could, for example, check whether a user had experienced trouble logging in, which could be interpreted as a malicious attempt to access a system. As I said before,...
Read 0 Comments


System monitoring
Learn how to use auditd for system monitoring.

Linux System Monitoring and More with Auditd

One of the keys to protecting a Linux system is to know what’s going on inside it -- what files change, who accesses what and when, and which applications get run. Incrond was used up until some years ago for the former, but, despite rumors to the contrary, development seems to have stopped since...
Read 0 Comments
Click Here!