Hey All my first post, so forgive me if I am in the wrong area. Well here it goes...
I am trying to understand how I should audit various users, directories and files.
For example, I would like to audit all the things that a super-user would do (i.e. all open, closes and commands). However, for other users I would like to be more selective. Moreover, I would only care when these users move to various directories. I was thinking about using the ext3 journaling system but can not find good documentation. Please point to good documentation if any one knows.
If there are any other suggestions I would be happy to entertain those.