1 Setting Up The Linux Audit Framework - Novell LINUX ENTERPRISE SERVER 11 - SECURITY Manual
Hide thumbs
Also See for LINUX ENTERPRISE SERVER 11 - SECURITY:
- Installation (5 pages) ,
- Administration manual (452 pages)
Table of Contents
Advertisement
Setting Up the Linux Audit
Framework
This chapter shows how to set up a simple audit scenario. Every step involved in con-
figuring and enabling audit is explained in detail. After you have learned to set up audit,
consider a real-world example scenario in
(page 423).
To set up audit on SUSE Linux Enterprise Server, you need to complete the following
steps:
Procedure 31.1 Setting Up the Linux Audit Framework
1 Make sure that all required packages are installed: audit, audit-libs, and
optionally audit-libs-python. To use the log visualization as described
in
Section 31.6, "Configuring Log Visualization"
and graphviz from the SUSE Linux Enterprise Server media.
2 Determine the components to audit. Refer to
Components to Audit"
3 Check or modify the basic audit daemon configuration. Refer to
"Configuring the Audit Daemon"
4 Enable auditing for system calls. Refer to
System Calls"
5 Compose audit rules to suit your scenario. Refer to
Audit Rules"
(page 415) for details.
(page 412) for details.
(page 413) for details.
(page 414) for details.
Chapter 32, Introducing an Audit Rule Set
(page 420), install gnuplot
Section 31.1, "Determining the
Section 31.3, "Enabling Audit for
Section 31.4, "Setting Up
Setting Up the Linux Audit Framework
31
Section 31.2,
411
Advertisement
Table of Contents
Need help?
Do you have a question about the LINUX ENTERPRISE SERVER 11 - SECURITY and is the answer not in the manual?