[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Is there a rule for auditing all processes' syscall info?



Hi all,
    We can use a rule to audit one specific process's all syscall info,
eg: auditctl -a entry,always -S all -F pid=1005, it will log process 1005's
syscall info. Is there a rule available to audit all processes' syscall info?

Thanks in advance.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]