I'm new to auditd, and have been assigned to come up with a "best practice"
standard for the deployment and audit settings for Linux servers using
auditd. Other than the man pages, does anyone have any suggestions for
"best practices", books or training courses that would help me get a
better understanding of auditd and its syntax?
Any help would be most appreciated, thanks...
Larry E. Erdahl
Information Security Services
Computer Security Incident Response Team (CSIRT)
1 Meridian Crossing
Richfield, MN 55423
Mail Code: EP-MN-MS6I
Office Phone: (612)973-7153