Scale Your Auditing Events
Philipp Krenn @xeraa
Slide 4
No silver bullet
Slide 5
auditd
https://github.com/linux-audit
Slide 6
"auditd is the userspace component to
the Linux Auditing System. It's
responsible for writing audit records to
the disk. Viewing the logs is done with
the ausearch or aureport utilities."
Slide 7
Monitor
File and network access
System calls
Commands run by a user
Security events
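
The records auditd writes to disk can be grouped into events and sorted into the monitoring categories listed above. The following is an added example, not code from the talk: the log lines are constructed, and the category labels and the mapping from record types to categories are assumptions of this sketch.

```python
import re
from collections import defaultdict

# Constructed sample records in the raw audit.log layout (not from the talk).
SAMPLE = """\
type=SYSCALL msg=audit(1700000000.101:501): arch=c000003e syscall=257 success=yes exit=3 uid=1000 comm="cat" exe="/usr/bin/cat" key="passwd-read"
type=PATH msg=audit(1700000000.101:501): item=0 name="/etc/passwd" nametype=NORMAL
type=SYSCALL msg=audit(1700000001.202:502): arch=c000003e syscall=42 success=yes exit=0 uid=1000 comm="curl" exe="/usr/bin/curl" key="outbound"
type=SOCKADDR msg=audit(1700000001.202:502): saddr=020001BBC00002010000000000000000
type=SYSCALL msg=audit(1700000002.303:503): arch=c000003e syscall=59 success=yes exit=0 uid=1000 comm="id" exe="/usr/bin/id" key="exec"
type=EXECVE msg=audit(1700000002.303:503): argc=1 a0="id"
type=USER_LOGIN msg=audit(1700000003.404:504): pid=900 uid=0 msg='op=login acct="root" exe="/usr/sbin/sshd" res=failed'
type=SYSCALL msg=audit(1700000004.505:505): arch=c000003e syscall=165 success=no exit=-1 uid=1000 comm="mount" exe="/usr/bin/mount" key="mounts"
"""

HEADER = re.compile(r"^type=(\S+) msg=audit\((\d+\.\d+):(\d+)\): ?(.*)$")
FIELD = re.compile(r"(\w+)=(\"[^\"]*\"|'[^']*'|\S+)")

def parse(log):
    """Group records into events keyed by the serial number in audit(ts:serial)."""
    events = defaultdict(list)
    for line in log.splitlines():
        m = HEADER.match(line)
        if not m:
            continue  # skip malformed or truncated lines
        rtype, _ts, serial, body = m.groups()
        fields = {k: v.strip("\"'") for k, v in FIELD.findall(body)}
        events[int(serial)].append((rtype, fields))
    return dict(events)

def classify(records):
    """Map one event onto the slide's monitoring categories (assumed mapping)."""
    types = {rtype for rtype, _ in records}
    if types & {"EXECVE", "USER_CMD"}:
        return "command"
    if any(t.startswith("USER_") for t in types):
        return "security event"
    if "SOCKADDR" in types:
        return "network access"
    if "PATH" in types:
        return "file access"
    return "system call"

def summarize(log):
    return {serial: classify(recs) for serial, recs in parse(log).items()}

if __name__ == "__main__":
    for serial, label in summarize(SAMPLE).items():
        print(serial, label)
```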