Monday, July 23, 2012

Basic Audit (Re-)Viewing in Spacewalk


Government regulations require that regular audits are performed on their computer systems.  Other government auditors regularly verify that these audits are performed.  This is where the Linux auditing system comes in.  It is used to meet these requirements and can provide a wealth of information about a running Linux system.  Syscalls, user logins and ends, configuration changes in the audit system, SELinux denials, the addition or removal of users/groups, and more can be monitored.