What rules are currently installed and what logs are you seeing?
Hi Team,
I have enabled the audit logs recently ... Currently the auditd daemon is logging all the event and syscalls done based on default rule set ...
But currently it only record the events done by the root user or by the sudo ...
Need your help to configure the same for Group wise ... so that i can track the group wise events done , rather then adding a rule for each individual users.
--Thanks & Regards,
- Koresh
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit