Hi all,<br>&nbsp;&nbsp;&nbsp; We can use a rule to audit one specific process&#39;s all syscall info,<br>eg: auditctl -a entry,always -S all -F pid=1005, it will log process 1005&#39;s<br>syscall info. Is there a rule available to audit all processes&#39; syscall info?
<br><br>Thanks in advance.<br>