Environment: Red Hat Enterprise Linux 3
Instructions for using LAuS to generate audit records for all files opened on a system are as follows.
Save the current configuration:
# service audit stop # mv /etc/audit/filter.conf /etc/audit/filter.conf-default
Turn on auditing ONLY for the
execveand open ...
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.