Skip to content
auditd based tripwire ruleset
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
plugins.d
rules.d
README.md
auditd.conf

README.md

auditd-ruleset

This is an auditd based ruleset for carefully monitoring user accounts. Useful when ensuring that service accounts aren't being used interactively, for example a www-data type user

How to handle log output

Take a look at audisp-json and consider streaming into logstash

You can’t perform that action at this time.