Auditing Logons/Logoffs

warron.french warron.french at gmail.com
Fri Jul 14 19:51:16 UTC 2017


Back to this again, as I thought my coworker had addressed it months ago,
but he did not, as I cannot find anything.

*THE_SUBJECT*: Auditing Logons and Logoffs (success/failures)

I am aware of the following files:
/var/log/faillog, and
/var/log/lastlog

The following link is relevant to RHEL5 (maybe 6 and 7??):
https://www.stigviewer.com/stig/oracle_linux_5/2015-12-07/finding/V-818

Is there an appropriate syscall for handling *THE_SUBJECT*?
Do I use the syntax as advised in the link provided at stigviewer.com?

We are dealing with systems that do tie into IPA, but have to ensure
*THE_SUBJECT* is being addressed and forwarded.

I have to support both RHEL6 and RHEL7.


Thanks in advance,
--------------------------
Warron French