Galileo Labs

User Tools

Site Tools

You are here: start » tips » audit
tips:audit

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
tips:audit [2015/07/09 12:38] – created scipiotips:audit [2019/01/21 11:17] (current) scipio
Line 6: Line 6:
 </code> </code>
  
-Add watcher to /etc/audit/audit.rules to detect delete or write/append of /shares/pubblica/esca.doc+Add watcher to **/etc/audit/audit.rules** to detect delete or write/append of /shares/pubblica/esca.doc
 <code> <code>
 -w /shares/pubblica/esca.doc -p wa -k esca -w /shares/pubblica/esca.doc -p wa -k esca
Line 15: Line 15:
 Search events Search events
 <code> <code>
-ausearch -k esca+ausearch -k esca | aureport -f -i
 </code> </code>
tips/audit.1436438285.txt.gz · Last modified: by scipio

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki