Behaviour of /etc/audit/rules.d in RHEL5 and RHEL6.

Solution Verified - Updated -

Issue

  • Does the /etc/audit/rules.d directory exist in RHEL5?
  • Does audit read rules inside /etc/audit/rules.d on Red Hat Enterprise Linux 5?
  • The /etc/audit/rules.d directory exists in RHEL6. Are any rules placed in files in the /etc/audit/rules.d
    directory read by the auditd daemon?
  • Is there a way to prevent auditd from reading the files placed in the /etc/audit/audit.d directory?
  • If there are multiple files in /etc/audit/rules.d, in which sequence does auditd read the files placed in that directory? Is it based on alphanumeric order? E.g. would files with file names starting with "a" be read before files with file names starting with "b"? Would files with file names starting with "0" be read before files with file names starting with "1"?
  • In RHEL6, if I place my audit rules in /etc/audit/audit.rules and the /etc/audit/audit.d/audit.rules file contains "-D" as the first line, does that mean that all the rules in /etc/audit/audit.rules are ignored by auditd? Or does it mean that all rules placed before "-D" within the same file are ignored?

Environment

  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 6
  • Auditd
