Hi
I am new to this area and I want to know how I can configure auditd.
I have copied /usr/share/doc/audit-2.4.1/stig.rules to /etc/audit/audit.rules, then I ran
After that, auditctl -l is listing all the rules which I mentioned in
But how can I analyze these logs? Are there any tools for that? The audit.log file is having . This file is getting filled by so many entries.
Regards,
Ben
Moderator's Comments:
Please use CODE tags as required by forum rules!
Last edited by RudiC; 10-20-2016 at 05:51 AM..
Reason: Added CODE tags.
audit_data
audit_data(4) File Formats audit_data(4)
NAME
audit_data - current information on audit daemon
SYNOPSIS
/etc/security/audit_data
DESCRIPTION
The audit_data file contains information about the audit daemon. The file contains the process ID of the audit daemon, and the pathname of
the current audit log file. The format of the file is:
<pid>:<pathname>
Where pid is the process ID for the audit daemon, and pathname is the full pathname for the current audit log file.
EXAMPLES
Example 1: A sample audit_data file.
64:/etc/security/audit/server1/19930506081249.19930506230945.bongos
FILES
/etc/security/audit_data
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Obsolete |
+-----------------------------+-----------------------------+
SEE ALSO
audit(1M), auditd(1M), bsmconv(1M), audit(2), audit_control(4), audit.log(4)
NOTES
The functionality described on this manual page is internal to audit(1M) and might not be supported in a future release.
The auditd utility is the only supported mechanism to communicate with auditd(1M). The current audit log can be determined by examining the
configured audit directories. See audit_control(4).
The functionality described on this manual page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for
more information.
SunOS 5.10 14 Nov 2002 audit_data(4)
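
As an added example (not part of the manual page or of any Solaris tool), the Python code below parses the <pid>:<pathname> record described above and reports whether it is consistent with the running system. The function names, the rejection of pid 0 and relative paths, and the caller-supplied list of audit directories (which would come from audit_control(4)) are assumptions of this example.

```python
import os
from typing import NamedTuple

class AuditData(NamedTuple):
    pid: int
    log_path: str

def parse_audit_data(text: str) -> AuditData:
    """Parse a '<pid>:<pathname>' record, splitting on the first colon only."""
    pid_text, sep, path = text.strip().partition(":")
    if not sep or not pid_text.isdigit() or not path.startswith("/"):
        raise ValueError(f"malformed audit_data record: {text!r}")
    pid = int(pid_text)
    if pid == 0:  # assumption: pid 0 can never be the audit daemon
        raise ValueError(f"malformed audit_data record: {text!r}")
    return AuditData(pid, path)

def pid_alive(pid: int) -> bool:
    """Signal 0 tests for existence without delivering a signal."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        return True  # process exists but belongs to another user
    return True

def check_audit_data(text: str, audit_dirs: list) -> list:
    """Return findings for a record; an empty list means it looks consistent."""
    try:
        rec = parse_audit_data(text)
    except ValueError as exc:
        return [str(exc)]
    findings = []
    if not pid_alive(rec.pid):
        findings.append(f"pid {rec.pid} is not running")
    # Resolve symlinks so a link out of the audit tree is not accepted.
    real = os.path.realpath(rec.log_path)
    roots = [os.path.realpath(d) for d in audit_dirs]
    if not any(os.path.commonpath([real, r]) == r for r in roots):
        findings.append(f"{rec.log_path} is outside the audit directories")
    if not os.path.isfile(real):
        findings.append(f"{rec.log_path} does not exist")
    return findings

if __name__ == "__main__":
    # The sample record from the EXAMPLES section of the manual page.
    sample = "64:/etc/security/audit/server1/19930506081249.19930506230945.bongos"
    print(parse_audit_data(sample))
```

A stale pid or a log path outside the configured directories is worth investigating, since either means the file no longer describes the daemon that is actually writing the audit trail.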