Skip to content
Richard Guy Briggs edited this page Jun 4, 2021 · 11 revisions

Welcome the Linux Audit Documentation Project

The Linux Audit Documentation project is intended to hold documentation and specifications related to the Linux Audit project.

Bug and Feature Requests

We have a page describing the process for reporting and bugs and requesting features.

Reporting Bugs and Feature Requests

Mailing List

All upstream discussion happens on the Linux Audit mailing list.

Mailing List
Mailing List Archive

IRC (chat)

#audit on


Documents on using and configuring audit.

Enable Auditing on Fedora

Several audit specification documents exist to describe the proper behavior of the Linux Audit system.

Writing Audit Events
Audit System Lifecycle Events
Audit User Account Lifecycle Events
Audit User Login Lifecycle Events
Virtualization Manager Guest Lifecycle Events
Audit Event Parsing Library
Audit State Diagram
Audit Daemon Real Time Event Interface
Audit Event Enrichment
Audit Field Dictionary
Audit Message Ranges
Audit Message Dictionary

Beyond the documents above, the wikis for the kernel audit subsystem and audit userspace have information specific to their respective projects.

Kernel Wiki
Userspace Wiki


The audit presentations are listed on the page below.

Audit Presentations