RECENT POSTS

Setaudit

May 26, 2018

Tool to specify audit configurations on a process

With setaudit it is possible to specify audit configurations on a process directly at the runtime.

All audit events are redirected to the auditd8, an audit log management daemon.

Example of enabling all exe related audit events performed by a command and its child processes

# setaudit -m ex command

WWW https//github.com/csjayp/setaudit