Linux Today: Linux News On Internet Time.

More on LinuxToday

Customized File Monitoring with Auditd

Jun 14, 2016, 12:00 (0 Talkback[s])

aureport is part of a larger toolset that comes with auditd. Using auditd to monitor some preset events is already quite useful, but where it comes into its own is when you customize it to monitor whatever you want.

To push your rules into auditd on the fly you use auditctl

Complete Story