CentOS Stream 10

Auditd : Install
2025/01/02

Configure system auditing with Auditd.
It can monitor system calls, security events, file accesses, command executions and so on.

[1] The audit package is installed by default even on a minimal installation of CentOS Stream 10; if it is not, install it as follows.
[root@dlp ~]# dnf -y install audit
[root@dlp ~]# systemctl enable --now auditd

[2] Some Auditd settings can be changed in auditd.conf.
[root@dlp ~]# vi /etc/audit/auditd.conf
# line 7 : specify logfile
log_file = /var/log/audit/audit.log

# line 12 : maximum size of a logfile (megabytes)
max_log_file = 8

# line 13 : number of logfiles to keep if [max_log_file_action=ROTATE] is specified
num_logs = 5

# line 15 : how the hostname is written in logfiles
# valid values : NONE, HOSTNAME, FQD, NUMERIC, USER
name_format = NONE

# line 16 : hostname of your choice, used if [name_format=USER] is specified
##name = mydomain

# line 17 : action to take when a logfile exceeds the size limit
# valid values : IGNORE, SYSLOG, SUSPEND, ROTATE, KEEP_LOGS
max_log_file_action = ROTATE
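
The settings in [2] decide how much audit history stays on disk. The following is an added example, not part of the original page: a shell check that reads an auditd.conf and reports the effective retention. The function names (conf_get, audit_conf_review, sample_conf) and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): review auditd.conf retention settings.

# Print the value of key $2 from file $1 ("key = value"; keys are case-insensitive).
conf_get() {
    awk -F= -v k="$2" '
        /^[ \t]*#/ { next }                      # skip comments such as "##name = ..."
        { key = $1; gsub(/[ \t]/, "", key) }
        tolower(key) == tolower(k) { val = $2; gsub(/^[ \t]+|[ \t]+$/, "", val); found = val }
        END { print found }' "$1"
}

# Print one finding per line for the config file $1 (subshell body keeps variables local).
audit_conf_review() (
    size=$(conf_get "$1" max_log_file)
    num=$(conf_get "$1" num_logs)
    action=$(conf_get "$1" max_log_file_action | tr '[:lower:]' '[:upper:]')
    name=$(conf_get "$1" name_format | tr '[:lower:]' '[:upper:]')
    case $action in
        ROTATE)
            if [ "${num:-0}" -lt 2 ]; then
                echo "WARN: ROTATE with num_logs < 2 does not rotate"
            else
                echo "INFO: retention capped at about $(( ${size:-0} * ${num:-0} )) MB; oldest log is overwritten"
            fi ;;
        KEEP_LOGS) echo "INFO: logs rotate but are never deleted; monitor disk usage" ;;
        IGNORE|SYSLOG|SUSPEND) echo "WARN: $action does not rotate the logfile" ;;
        *) echo "WARN: max_log_file_action unset or unrecognized: '$action'" ;;
    esac
    if [ -z "$name" ] || [ "$name" = "NONE" ]; then
        echo "INFO: name_format=NONE, events carry no node name"
    fi
)

# Constructed sample: the values shown in step [2].
sample_conf() {
    cat <<'EOF'
log_file = /var/log/audit/audit.log
max_log_file = 8
num_logs = 5
name_format = NONE
##name = mydomain
max_log_file_action = ROTATE
EOF
}

tmp=$(mktemp)
sample_conf > "$tmp"
audit_conf_review "$tmp"   # on a real host: audit_conf_review /etc/audit/auditd.conf
rm -f "$tmp"
```

With the values above, roughly 40 MB of audit history is kept before the oldest file is overwritten, and events forwarded to a central collector cannot be attributed to a host by node name.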