AUDITD:(8) System Administration Utilities AUDITD:(8)
NAME
auditd - The Linux audit daemon
SYNOPSIS
auditd [ -f ]
DESCRIPTION
auditd is the userspace component to the Linux Auditing System. It’s responsible
for writing audit records to the disk. Viewing the logs is done with the ausearch
or aureport utilities. Configuring the audit rules is done with the auditctl utility.
During startup, the rules in /etc/audit.rules are read by auditctl. The audit
daemon itself has some configuration options that the admin may wish to customize.
They are found in the auditd.conf file.
OPTIONS
-f leave the audit daemon in the foreground for debugging. Messages also go to
stderr rather than the audit log.
SIGNALS
HUP causes auditd to reconfigure. This means that auditd re-reads the configuration
file. If there are no syntax errors, it will proceed to implement the requested
changes. If the reconfigure is successful, a DAEMON_CONFIG event is recorded in the
logs. If not successful, error handling is controlled by space_left_action,
admin_space_left_action, disk_full_action, and disk_error_action parameters in
auditd.conf.
TERM causes auditd to discontinue processing audit events, write a shutdown audit
event, and exit.
USR1 causes auditd to immediately rotate the logs. It will consult the
max_log_size_action to see if it should keep the logs or not.
FILES
/etc/auditd.conf - configuration file for audit daemon
/etc/audit.rules - audit rules to be loaded at startup
NOTES
A boot param of audit=1 should be added to ensure that all processes that run
before the audit daemon starts are marked as auditable by the kernel. Not doing that
will make a few processes impossible to properly audit.
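A check for the boot parameter described above, as an added example that is not
part of the original man page: it looks for audit=1 as a whole token on a kernel
command line. The function names are hypothetical, the sample command lines are
constructed, and treating the last audit= occurrence as the effective one is an
assumption.

```shell
#!/bin/sh
# Added example (not from the auditd man page or the audit project).
# Assumption: if audit= appears more than once, the last occurrence is effective.

# audit_boot_state CMDLINE -> prints "enabled", "unset" or "other:<value>"
audit_boot_state() (
    set -f                        # no filename globbing while splitting the line
    state=unset
    for tok in $1; do             # whole tokens only: "noaudit=1" must not match
        case "$tok" in
            audit=1) state=enabled ;;
            audit=*) state="other:${tok#audit=}" ;;
        esac
    done
    printf '%s\n' "$state"
)

# audit_boot_report [FILE] -> checks FILE (default: the running kernel's /proc/cmdline)
audit_boot_report() {
    file=${1:-/proc/cmdline}
    [ -r "$file" ] || { echo "cannot read $file"; return 2; }
    state=$(audit_boot_state "$(cat "$file")")
    case "$state" in
        enabled) echo "OK: audit=1 is on the kernel command line"; return 0 ;;
        unset)   echo "WARN: no audit= parameter; processes started before auditd may not be auditable"; return 1 ;;
        *)       echo "WARN: audit= is set to '${state#other:}', not 1"; return 1 ;;
    esac
}

# Constructed sample command lines (not taken from a real system).
for sample in \
    "ro root=/dev/sda1 quiet audit=1" \
    "ro root=/dev/sda1 quiet" \
    "ro root=/dev/sda1 noaudit=1 audit=10" \
    "ro audit=1 root=/dev/sda1 audit=0"
do
    printf '%-40s -> %s\n' "$sample" "$(audit_boot_state "$sample")"
done
```

Run audit_boot_report with no argument on the host being checked; a non-zero
return means the running kernel was not booted with audit=1.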
SEE ALSO
auditd.conf(8), ausearch(8), aureport(8), auditctl(8)
Red Hat Nov 2005 AUDITD:(8)