How to configure audit rules to capture user activity for grep or egrep commands.

Solution Unverified - Updated 2024-08-06T07:33:15+00:00 -

Issue

How do I identify which user has executed the grep -r -i command using audit rules?

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)