Practical Monitoring

Practical Monitoring

Effective Strategies for the Real World

Mike Julian

auditd is great for tracking user actions and other events through its high level of configurability. For example, some of the types of events it can report on: All sudo executions, the command executed, and who did it File access or changes to specific files, when, and by whom User authentication attempts and failures

Link · 2425