[Forgot Password]
Login  Register Subscribe

25354

 
 

132805

 
 

139226

 
 

909

 
 

113180

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 25354 Download | Alert*

Configure auditd Max Log File Size Determine the amount of audit data (in megabytes) which should be retained in each log file. Edit the file '/etc/audit/auditd.conf'. Add or modify the following line, substituting the correct value for

Configure auditd max_log_file_action Upon Reaching Maximum Log Size The default action to take when the logs reach their maximum size is to rotate the log files, discarding the oldest one. To configure the action taken by 'auditd', add or correct the line in '/etc/audit/auditd.conf': 'max_log_file_action = ACTION' Possible values for

Configure auditd space_left Action on Low Disk Space The 'auditd' service can be configured to take an action when disk space

Configure auditd admin_space_left Action on Low Disk Space The 'auditd' service can be configured to take an action when disk space is running low but prior to running out of space completely. Edit the file '/etc/audit/auditd.conf'. Add or modify the following line, substituting

Configure auditd mail_acct Action on Low Disk Space The 'auditd' service can be configured to send email to a designated account in certain situations. Add or correct the following line in '/etc/audit/auditd.conf' to ensure that administrators are notified via email for those situations: 'action_mail_acct = root'

Configure auditd to use audispd plugin To configure the 'auditd' service to use the 'audispd' plugin, set the 'active' line in '/etc/audisp/plugins.d/syslog.conf' to 'yes'. Restart the 'auditd'service: '$ sudo service auditd restart'

Record attempts to alter time through adjtimex If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d': '-a always,exit -F arch=b32 -S adjtimex -k audit_time_rules' If the system is 64 bit then also add the following line: '-a always,exi ...

Record attempts to alter time through settimeofday If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d': '-a always,exit -F arch=b32 -S settimeofday -k audit_time_rules' If the system is 64 bit then also add the following line: '-a al ...

Record Attempts to Alter Time Through stime If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d' for both 32 bit and 64 bit systems: '-a always,exit -F arch=b32 -S stime -k audit_time_rules' Since the 64 bit version of the "stime" sys ...

Record Attempts to Alter Time Through clock_settime If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d': '-a always,exit -F arch=b32 -S clock_settime -k audit_time_rules' If the system is 64 bit then also add the following line: '-a ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   2535

© SecPod Technologies