Authentication Events

Wednesday, 14 January 2009

Does anyone know if the auditd on RHEL4 is capable of capturing
logon/logoff and failed authentication events?  This seems to work
flawlessly without any additional changes on a RHEL5 system.
Would this just be a configuration change in the PAM stack to allow
auditd to get these events, rather than using syslog?

Any ideas would be helpful.

Thanks,
Kevin

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004