Security Guide
Part V. The Linux Audit Framework
Contents
29. Understanding Linux Audit
29.1. Introducing the Components of Linux Audit
29.2. Configuring the Audit Daemon
29.3. Controlling the Audit System Using auditctl
29.4. Passing Parameters to the Audit System
29.5. Understanding the Audit Logs and Generating Reports
29.6. Querying the Audit Daemon Logs with ausearch
29.7. Analyzing Processes with autrace
29.8. Visualizing Audit Data
30. Setting Up the Linux Audit Framework
30.1. Determining the Components to Audit
30.2. Configuring the Audit Daemon
30.3. Enabling Audit for System Calls
30.4. Setting Up Audit Rules
30.5. Configuring Audit Reports
30.6. Configuring Log Visualization
31. Introducing an Audit Rule Set
31.1. Adding Basic Audit Configuration Parameters
31.2. Adding Watches on Audit Log Files and Configuration Files
31.3. Monitoring File System Objects
31.4. Monitoring Security Configuration Files and Databases
31.5. Monitoring Miscellaneous System Calls
31.6. Filtering System Call Arguments
31.7. Managing Audit Event Records Using Keys
32. Useful Resources