Comments on Simple Linux Auditing

Simple Linux Auditing

Basic Linux system auditing is a bit tricky and data collected and information of that is out of place and readability is not that good. Recently this led me to put together an open source project and develop simple Bash scripts that do the job nicely. The code and tarball can be downloaded from either Google Code or SourceForge, and the project website has links to documentation, help, installation and code.

Comments

By: Luigi

Not dksadtchk but dskadtchk :-) Thanks for your very useful scripts.

By: Molinero

A little mistake

 change

dksadtchk [ -a -h -v -c ]

for

dskadtchk [ -a -h -v -c ]

By: Joe

What is wrong with logwatch? This creates detailed information and sends the output to your mailbox.

 Not that there is no room for more tools, just that you said...

 "Basic Linux system auditing is a bit tricky and data collected and information of that is out of place and readability is not that good."

 And that is not entirely true if you know where to look :)

 Joe

By: imid

The scripts had issues with recognizing Red Hat servers; it was using grep -I rhel which is not in /proc/version. Maybe the scripts should use red or red hat or look in /etc/redhat-release for red or red hat.
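
The detection problem raised in the last comment, as an added example that is not part of the original scripts or of any comment: a check that tries /etc/redhat-release first and matches /proc/version case-insensitively only as a fallback. The function name `is_redhat_family`, its root-directory argument and the /etc/os-release step are assumptions added here; the sample /proc/version line is constructed.

```shell
#!/bin/sh
# Added example: Red Hat family detection that does not depend on the
# string "rhel" appearing in /proc/version.
# is_redhat_family and its optional ROOT argument are hypothetical names;
# ROOT lets the check run against a constructed file tree.

is_redhat_family() {
    root="${1:-}"

    # 1. The release file named in the comment above.
    if [ -r "$root/etc/redhat-release" ]; then
        return 0
    fi

    # 2. os-release (an addition beyond the comment): ID or ID_LIKE
    #    naming rhel, fedora or centos.
    if [ -r "$root/etc/os-release" ]; then
        if grep -Eiq '^(ID|ID_LIKE)=.*(rhel|fedora|centos)' "$root/etc/os-release"; then
            return 0
        fi
    fi

    # 3. Last resort: the kernel build string, matched case-insensitively
    #    on "red hat" rather than "rhel".
    if [ -r "$root/proc/version" ]; then
        if grep -iq 'red hat' "$root/proc/version"; then
            return 0
        fi
    fi
    return 1
}

# Constructed sample tree: /proc/version says "Red Hat" but never "rhel".
demo=$(mktemp -d)
mkdir -p "$demo/proc"
echo 'Linux version 0.0.0-sample (gcc (Red Hat 0.0.0)) #1 SMP' > "$demo/proc/version"
if is_redhat_family "$demo"; then
    echo "red hat family"
else
    echo "other"
fi
rm -rf "$demo"
```

Called with no argument, the function reads the real /etc and /proc of the host being audited.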