Tags: auditd

Auditing Docker Containers in a DevOps Environment

The handy auditd package can help track down weaknesses in your system before, during, or after an attack. Thanks to the unremitting, ever-present threat of a multitude of attacks to which a Linux system can be subjected, it’s critical to capture important changes and events made by users and...
Read 0 Comments


Learn how to customize auditd to monitor whatever you want.

Customized File Monitoring with Auditd

In the previous article on auditd, I showed how to use aureport to check stuff monitored by the auditd daemon. And, I showed how you could, for example, check whether a user had experienced trouble logging in, which could be interpreted as a malicious attempt to access a system. As I said before,...
Read 0 Comments


System monitoring
Learn how to use auditd for system monitoring.

Linux System Monitoring and More with Auditd

One of the keys to protecting a Linux system is to know what’s going on inside it -- what files change, who accesses what and when, and which applications get run. Incrond was used up until some years ago for the former, but, despite rumors to the contrary, development seems to have stopped since...
Read 0 Comments
Click Here!