[ale] Setting up Audit

Naylor, Jim Jnaylor at Schnucks.com
Thu Mar 22 17:04:16 EDT 2007


Hello All,
I need to turn on auditing on a Redhat Enterprise Linux system in order to be PCI compliant.  If I am correct, this will give me information on what command users are executing/editing etc.  I have found that I can start the auditd by executing /etc/init.d/audit start and it creates audit logs in /var/log/audit called bin.0, bin.1, etc.  What I cannot seem to find is how to extract this data.  I found something about aureport but I cannot seem to find this command on my system.  Is anyone aware of any white papers on how to setup auditing and generate reports?  Your assistance is greatly appreciated.

Thanks,
Jim Naylor
Unix/Storage Systems Administrator
Schnuck Markets, Inc.
*  Direct (314) 994-4784
))(  Cell    (314) 691-0186
      Fax     (314) 994-4684
*  E-Mail  jnaylor at schnucks.com

______________________________________________________________________
The information transmitted (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is intended only for the person(s) or entity/entities to which it is addressed and may contain confidential and/or privileged material.  Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient(s) is prohibited.  If you received this in error, please contact the sender and delete the material from any computer.



More information about the Ale mailing list