Hi all! Apologies if this topic has already been discussed before, I couldn't find an easy way to sift through older archives.
Is there an auditd rule set which offers a reasonable level of security visibility and has been tested on enterprise production systems? And if such a rule set can be shared here? I'm looking for a base document to deploy/modify for use within my organization. Many thanks in advance. Regards
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
