An introduction to utilizing auditd to detect malicious activity on a Linux system that may be under attack or, where the attacker has already gained access to the machine. This article looks at collecting the log information into /var/log/audit/audit.log.

Register to read more …