May 26, 2018
Tool to specify audit configurations on a process
With setaudit it is possible to specify audit configurations on a process directly at the runtime.
All audit events are redirected to the auditd8, an audit log management daemon.
Example of enabling all exe related audit events performed by a command and its child processes
# setaudit -m ex command