Auditing a dir in linux

Auditing a dir in linux
Anju
·Follow
Aug 17, 2021
--
Edit the file /etc/audit/rules.d/audit.rules:
-a exit,always -F path=/etc/<dir_name -F perm=warx -F key=dir-watchRestart the service:
service auditd restart
#systemctl stop/start will not workCheck the audit:
ausearch -k dir-watch
--
--
Written by Anju1 Follower
·3 Following
A DevOps engineer who loves automating everything (almost), exploring new places, and finding peace in nature. Always looking for the next adventure!
No responses yet
Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams