Configuring and using auditd

Super Secure

Article from Issue 146/2013
Author(s):

The auditd tool can provide system logging capabilities to satisfy even the most paranoid users.

A certain subset of Linux users is extremely paranoid about security. These are folks that want to see every system call and file access that a program makes and want to ensure that any access to specific data files is logged securely. The auditd subsystem provides all these capabilities and more.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • auditctl

    Use the kernel auditing system to set watches on critical files and system calls and log the activity for later anaylsis.

  • Core Technologies

    Look for intruders and study the health of your system with Linux auditing tools.

  • Integrity Measurement Architecture

    The Integrity Measurement Architecture adds important details to your audit logs, making it easier to track an intruder's footprints.

  • Falco

    Create your own rules to detect threats by monitoring system calls.

  • SELinux

    SELinux provides a comprehensive Mandatory Access Control system for Linux, if you are ready for all the details.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News