Hi, I am using redhat 6, and trying to create logs for some system call using the rule given below:
*-a always,exit -F arch=b64 -S chmod -S fchmod -S fchmodat -F auid>=500 -F auid!=4294967295 -k perm_mod* After running command chmod i was not able to get any log, but when i used strace command i have seen that syscall have been called. I also checked that auditd service is running properly. May you guide me why i am not able to get any log message. i also checked by writting rule for 32 bit, but problem still not resolved. -- Bharat Gupta IIT -Roorkee
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
