Security Auditd Config for Enterprises
Hi all!
Apologies if this topic has already been discussed before, I couldn't find
an easy way to sift through older archives.
Is there an auditd rule set which offers a reasonable level of security
visibility and has been tested on enterprise production systems? And if
such a rule set can be shared here?
I'm looking for a base document to deploy/modify for use within my
organization. Many thanks in advance.
Regards
Attachments:
- attachment.html (text/html — 600 bytes)