Search found 1 match
- 2019/01/10 17:00:59
- Forum: CentOS 6 - Security Support
- Topic: auditd default config (no rules defined) but audit.log is filled with data
- Replies: 0
- Views: 4442
auditd default config (no rules defined) but audit.log is filled with data
When implementing CIS controls I came across a control to test whether 'an audit rule exists' that enables logging of successful and failed login attempts. However, it seems that this event is logged in /var/log/audit.log (by auditd I assume) by default: - Installed audit package - no config changes...