User Tools
система_linux_auditing
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
система_linux_auditing [2016/08/01 16:35] val [Установка и запуск системы аудита] |
система_linux_auditing [2020/06/16 19:41] val [Настройка правил аудита событий] |
||
|---|---|---|---|
| Line 15: | Line 15: | ||
| # auditctl -w /etc/passwd -p rwa -k passwords-files | # auditctl -w /etc/passwd -p rwa -k passwords-files | ||
| # auditctl -w /etc/shadow -p rwa -k passwords-files | # auditctl -w /etc/shadow -p rwa -k passwords-files | ||
| + | |||
| + | # auditctl -l | ||
| # cat /etc/audit/audit.rules | # cat /etc/audit/audit.rules | ||
| Line 22: | Line 24: | ||
| -w /etc/shadow -p rwa -k passwords-files | -w /etc/shadow -p rwa -k passwords-files | ||
| </code><code> | </code><code> | ||
| - | # /etc/init.d/auditd restart | + | # service auditd restart |
| </code> | </code> | ||
| Line 40: | Line 42: | ||
| # ausearch -k passwords-files | # ausearch -k passwords-files | ||
| - | # ausearch -f /etc/passwd -i | + | # ausearch -f /etc/passwd -i | grep user1 | grep touch |
| </code> | </code> | ||
система_linux_auditing.txt · Last modified: 2020/07/22 20:03 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
