Auditd - Use auditd for comprehensive system auditing.
Use auditd for comprehensive system auditing.
sudo apt install auditd audispd-plugins
sudo systemctl enable auditd
sudo systemctl start auditd
sudo nano /etc/audit/audit.rules
-w /etc/passwd -p wa -k passwd_changes
sudo systemctl restart auditd
#systemmonitoring
#monitor
#auditd
Comments
Post a Comment