Date: Thu, 6 Oct 2016 20:29:56 +0330 From: mokhi <mokhi64@gmail.com> To: freebsd-hackers@freebsd.org, hackers@freebsd.org Subject: Using Audit Framework and praudit Message-ID: <CAByVWPVhrb78=tgHBKf578MO2n3xWQnGeksV9NQtAi%2BLeKmiCA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi guys. For using "The audit framework", should I rebuild my kernel to use "praudit" to log exec or syscall events ? I used the way that handbook says to use praudit, but it only shows me logs on authentications with "su" and stop/starting "auditd" service, and there's no any other logs. Any ideas what other things should i do ? Best wishes, Mokhi.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAByVWPVhrb78=tgHBKf578MO2n3xWQnGeksV9NQtAi%2BLeKmiCA>