Configuring the audit daemon of RHEL4 update 2
Does anyone have any experience with the "new" audit feature in RHEL 4 update 2? I'm attempting to configure a system at work, and I have to be very strict about what is audited. For some reason, I have yet to find any quality documentation on configuring /etc/audit.rules. Anyone familiar with the syntax?
If this is in the wrong forum and should be in the distro specific forum, my apologies, but it was a toss up as this is technically security related.
|