Setting Up The Linux Audit Framework - Novell LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009 Manual
Hide thumbs
Also See for LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009:
- Administration manual (338 pages) ,
- Deployment manual (246 pages) ,
- Application manual (364 pages)
Table of Contents
Advertisement
Setting Up the Linux Audit
Framework
This chapter shows how to set up a simple audit scenario. Every step involved in con-
figuring and enabling audit is explained in detail. After you have learned to set up audit,
consider a real-world example scenario in
(page 383).
To set up audit on SUSE Linux Enterprise Desktop, you need to complete the following
steps:
Procedure 31.1 Setting Up the Linux Audit Framework
1 Make sure that all required packages are installed: audit, audit-libs, and
optionally audit-libs-python. To use the log visualization as described
in
Section 31.6, "Configuring Log Visualization"
and graphviz from the SUSE Linux Enterprise Desktop media.
2 Determine the components to audit. Refer to
Components to Audit"
3 Check or modify the basic audit daemon configuration. Refer to
"Configuring the Audit Daemon"
4 Enable auditing for system calls. Refer to
System Calls"
5 Compose audit rules to suit your scenario. Refer to
Audit Rules"
(page 375) for details.
(page 372) for details.
(page 373) for details.
(page 374) for details.
Chapter 32, Introducing an Audit Rule Set
(page 380), install gnuplot
Section 31.1, "Determining the
Section 31.3, "Enabling Audit for
Section 31.4, "Setting Up
Setting Up the Linux Audit Framework
31
Section 31.2,
371
Advertisement
Table of Contents
