Difference between revisions of "/var/log/audit/audit.log"
Jump to navigation
Jump to search
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[/var/log/audit/]]audit.log | [[/var/log/audit/]]audit.log | ||
| + | du -hs /var/log/audit/ | ||
| + | 36M [[/var/log/]]audit/ | ||
| − | type=CRED_ACQ | + | type=[[CRED_ACQ]] |
| − | type=CRED_DISP | + | type=[[CRED_DISP]] |
| − | type=CRED_REFR | + | type=[[CRED_REFR]] |
| − | type=CWD | + | type=[[CWD]] |
| − | type=LOGIN | + | type=[[LOGIN]] |
| − | type=PATH | + | type=[[PATH]] |
| − | type=PROCTITLE | + | type=[[PROCTITLE]] |
| − | type=SYSCALL | + | type=[[SYSCALL]] |
| − | type=USER_ACCT | + | type=[[USER_ACCT]] |
| − | type=USER_END | + | type=[[USER_END]] |
| − | type=USER_START | + | type=[[USER_START]] |
| + | |||
| + | |||
| + | |||
| + | type=USER_START msg=audit(1694069101.121:198103): pid=9126 uid=0 auid=0 ses=6308 msg='op=PAM:session_open acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success' | ||
== Related == | == Related == | ||
| − | + | * <code>[[bastion.log]]</code> | |
| + | * [[Linux Bastion Hosts on AWS]] | ||
== See also == | == See also == | ||
Latest revision as of 11:44, 4 March 2024
/var/log/audit/audit.log
du -hs /var/log/audit/ 36M /var/log/audit/
type=CRED_ACQ type=CRED_DISP type=CRED_REFR type=CWD type=LOGIN type=PATH type=PROCTITLE type=SYSCALL type=USER_ACCT type=USER_END type=USER_START
type=USER_START msg=audit(1694069101.121:198103): pid=9126 uid=0 auid=0 ses=6308 msg='op=PAM:session_open acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
Related[edit]
See also[edit]
Advertising:
