Linux Audit Framework

GPTKB entity

Statements (51)
| Predicate | Object |
| --- | --- |
| gptkbp:instanceOf | gptkb:security |
| | auditing tool |
| gptkbp:category | computer security |
| | compliance |
| | auditing |
| | system administration |
| gptkbp:component | gptkb:aureport |
| | gptkb:libaudit |
| | gptkb:auditd |
| | gptkb:auditctl |
| | gptkb:ausearch |
| | augenrules |
| gptkbp:configuration | /etc/audit/auditd.conf |
| | /etc/audit/audit.rules |
| gptkbp:defaultLogDirectory | /var/log/audit/ |
| gptkbp:developedBy | gptkb:Linux_operating_system |
| gptkbp:documentation | https://github.com/linux-audit/audit-documentation |
| | https://linux.die.net/man/8/auditd |
| gptkbp:feature | plugin support |
| | log rotation |
| | configurable rules |
| | user activity tracking |
| | CAPP compliance support |
| | SELinux integration |
| | detailed audit logs |
| | file access monitoring |
| | network access auditing |
| | real-time event logging |
| | remote logging support |
| | system call auditing |
| gptkbp:format | gptkb:JSON |
| | plain text |
| https://www.w3.org/2000/01/rdf-schema#label | Linux Audit Framework |
| gptkbp:integratesWith | SIEM systems |
| | log management tools |
| gptkbp:introducedIn | gptkb:Linux_kernel_2.6 |
| gptkbp:license | gptkb:GNU_General_Public_License |
| gptkbp:maintainedBy | gptkb:Red_Hat |
| | Linux community |
| gptkbp:platform | gptkb:Linux |
| gptkbp:purpose | monitoring system events |
| | recording security-relevant information |
| gptkbp:supports | gptkb:SOX_compliance |
| | HIPAA compliance |
| | PCI DSS compliance |
| | CIS benchmarks |
| gptkbp:usedBy | security professionals |
| | system administrators |
| | compliance auditors |
| gptkbp:bfsParent | gptkb:auditd |
| gptkbp:bfsLayer | 6 |