Difference between revisions of "/var/log/audit/audit.log"
Jump to navigation
Jump to search
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[/var/log/audit/]]audit.log | [[/var/log/audit/]]audit.log | ||
| + | du -hs /var/log/audit/ | ||
| + | 36M [[/var/log/]]audit/ | ||
| − | [[ | + | type=[[CRED_ACQ]] |
| + | type=[[CRED_DISP]] | ||
| + | type=[[CRED_REFR]] | ||
| + | type=[[CWD]] | ||
| + | type=[[LOGIN]] | ||
| + | type=[[PATH]] | ||
| + | type=[[PROCTITLE]] | ||
| + | type=[[SYSCALL]] | ||
| + | type=[[USER_ACCT]] | ||
| + | type=[[USER_END]] | ||
| + | type=[[USER_START]] | ||
| + | |||
| + | type=USER_START msg=audit(1694069101.121:198103): pid=9126 uid=0 auid=0 ses=6308 msg='op=PAM:session_open acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success' | ||
| + | |||
| + | == Related == | ||
| + | * <code>[[bastion.log]]</code> | ||
| + | * [[Linux Bastion Hosts on AWS]] | ||
| + | |||
| + | == See also == | ||
* {{Bastion}} | * {{Bastion}} | ||
* {{auditd}} | * {{auditd}} | ||
| + | |||
| + | [[Category:Security]] | ||
Latest revision as of 11:44, 4 March 2024
/var/log/audit/audit.log
du -hs /var/log/audit/ 36M /var/log/audit/
type=CRED_ACQ type=CRED_DISP type=CRED_REFR type=CWD type=LOGIN type=PATH type=PROCTITLE type=SYSCALL type=USER_ACCT type=USER_END type=USER_START
type=USER_START msg=audit(1694069101.121:198103): pid=9126 uid=0 auid=0 ses=6308 msg='op=PAM:session_open acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
Related[edit]
See also[edit]
Advertising:
