audit ['ɔːdɪt]: auditing. auditd is a Linux auditing service. This is the explanation from its man page: auditd is the userspace component to the Linux Auditing System. It's responsible for writing audit records to the disk. Viewing the logs is done with the ausearch or aureport utilities. Configuring
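To meet requirements such as these: recording file changes, recording users' reads and writes of files, even recording system calls, and file change notifications. What is audit? The Linux Audit Subsystem is a system to collect information regarding events occurring on the system(s): kernel events (syscall events); user events (audit-enabled programs). syslog records system state (hardware warnings, software logs),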