LinuxQuestions.org - audit daemon

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - audit daemon (https://www.linuxquestions.org/questions/linux-newbie-8/audit-daemon-913845/)

zanier

11-16-2011 09:22 AM

audit daemon

hi friends
i have a question .i know audit daemon support rules for system calls and file access.......Does it have any rule for "services'??? such as disk services or network services or.........?

unSpawn

11-16-2011 10:58 AM

Quote:

Originally Posted by zanier (Post 4525580)

i know audit daemon support rules for system calls and file access.......Does it have any rule for "services'??? such as disk services or network services or.........?

If you give a detailed example of what you are trying to achieve it would be easier to respond with more than "it depends"...

zanier

11-17-2011 05:03 AM

i want to know which does audit daemon log services ?
as it log system calls. please someone answer me....

unSpawn

11-17-2011 10:12 AM

OK... Then the answer is "no" :-]

zanier

11-19-2011 04:40 AM

thanks :)
what about LTT:linux trace toolkit? does it log both services and systemcalls?

unSpawn

11-19-2011 05:17 AM

It is not possible to understand your question correctly until I saw another students question pop up. In my opinion what you ask for (and what you failed to explain in a way I can understand) is similar to what was posted at http://www.linuxquestions.org/questi...rvices-914116/. Am I right?

8613133

05-24-2012 08:21 AM

audit daemon qestion

hi,
i installed auditd and then started that.i am going to know if i do not add any rule in audit.rules, what will be happen?does auditd log every things in default without adding any rule?in fact ,auditd log what? when there is no rule in audit.rules,
thanks.

All times are GMT -5. The time now is 04:13 AM.