[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Audit rule problem



Hello.

 

I wonder if someone can help me with an audit rule issue?

 

I want to log if someone uses the rpm command (to install/upgrade packages), but not the rest of commands. Only the rpm command!

Is it possible? If so, can anyone please tell me how to write the rule string? I’ve searched the internet, without success.

 

 

Regards

 

Roger Holm

 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]