audit daemon 2.4.1

This is the official, original and Open Source audit package for Linux operating systems

  Add it to your Download Basket!

 Add it to your Watch List!


Rate it!

What's new in audit daemon 2.4.1:

  • Make python3 support easier
  • Add support for ppc64le (Tony Jones)
  • Add some translations for a1 of ioctl system calls
  • Add command & virtualization reports to aureport
Read full changelog
send us
an update
GPL (GNU General Public License) 
Stephen Grubb
2.6/5 34
ROOT \ System \ Monitoring
audit daemon (auditd) is an open source, free and non-interactive daemon, a command-line program that provides the necessary user-space tools for creating audit rules on Linux kernel-based operating systems.

Works as a limited standalone auditing framework

The software can also be used for searching and storing the audit records that were generated by the audit subsystem in Linux kernel 2.6 or later. It works as a limited standalone auditing framework on your GNU/Linux distribution.

The Linux Auditing Framework

Also known as the Linux Auditing Framework, the audit daemon project was initially created to provide system call auditing without stepping on the existing functionality provided by projects like SELinux.

How the program works

The program can open and close audit log files that are find in the folders specified in the audit_control file. It will take all the files in the order they are specified in that file and reads only audit data from the kernel. Then, it writes that data to an audit log file.

Additionally, it executes a script called audit_warn when the respective audit folders fill past the specified limits written in the audit_control file. audit daemon will then send warnings to the console and to the audit_warn mail alias.

Installing the audit daemon

To install the audit daemon on your GNU/Linux operating system using the source package, you will have to first download it from its official website (see the homepage link at the end of the article), save the archive on your Home directory, and unpack it using an archive manager tool.

In a terminal emulator, navigate to the location of the extracted archive files using the ‘cd’ command (e.g. cd /home/softpedia/audit-2.4.1), run the ‘./configure && make’ command to configure and compile the program, then run the ‘sudo make install’ command to install it system wide.

audit daemon was reviewed by , last updated on January 15th, 2015

#system monitoring #system security #audit daemon #audit #daemon #monitoring #security

Add your review!