Digital Garden

Recent Notes

Thermocline
Apr 21, 2026
Sea surface temperature
Apr 21, 2026
Micro Scale Process
Apr 21, 2026
Machine-actionable Knowledge for Earth Science
Apr 21, 2026

❯

❯

Auditd

Apr 21, 20261 min read

linux
administration
security
auditing
notes

Auditd

auditd collects kernel-level audit events and security-relevant system activity.

Why it matters

Creates tamper-resistant trails for critical operations.
Supports investigations by linking who did what and when.
Helps satisfy compliance and governance controls.

Operational notes

Define focused audit rules for high-value events.
Ship and retain audit logs centrally.
Pair audit data with SIEM or EDR correlation.

Related

SELinux
AppArmor
Wazuh

Graph View

Auditd
Why it matters
Operational notes
Related

Backlinks

AppArmor
Linux Administration in Datacenters
Linux Host Hardening Stack Patterns
MOC Linux Administration and Security
Rsyslog
SELinux
Wazuh

Created with Quartz v4.5.2 © 2026

Website
GitHub
ORCID
LinkedIn