Hello,
I have set some file monitoring audit rules on a directory and the audit log
shows some entries like
ausearch -if $LOGDIR -a 448424 -i
NOTE - using logs in /qdap01/tax/logs/audit.log
type=PATH msg=audit(02/27/2017 13:50:13.917:448424) : item=1
name=/qdap01/tax/data/seqfiles/DFS/PPDFA
daemon process.
Local Time: February 20, 2017 11:04 AM
UTC Time: February 20, 2017 5:04 PM
From: sgr...@redhat.com
To: linux-audit@redhat.com, Kaptaan
On Monday, February 20, 2017 11:50:31 AM EST Kaptaan wrote:
> Hello All,
> I have recently been introduced to linux security. After going throu
Hello All,
I have recently been introduced to linux security. After going through man
pages and some posts, I believe I have configured and setup my audit rules
correctly. My need is to monitor and log access to all files in certain
directories.
The problem.
Application1 - I log in using my id .