[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

linux auditd: Not getting log for chmod syscall



Hi,

I am using redhat 6, and trying to create logs for some system call using the rule given below:

-a always,exit -F arch=b64  -S chmod -S fchmod -S fchmodat -F auid>=500  -F auid!=4294967295 -k perm_mod

After running command chmod i was not able to get any log, but when i used strace command i have seen that syscall have been called.
I also checked that auditd service is running properly.
May you guide me why i am not able to get any log message.
i also checked by writting rule for 32  bit, but problem still not resolved.

--
Bharat Gupta 
IIT -Roorkee



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]