On 2023-06-05 18:17, Vincent Abraham wrote: > Greetings, > Could anyone point me to a source for comprehensive documentation for the > Linux audit framework? I want to know how the framework interacts with the > kernel to retrieve log information.
This is the place to start: https://github.com/linux-audit/audit-documentation/wiki And this is the top level page for the 4 sub-projects: https://github.com/linux-audit > Thanks. - RGB -- Richard Guy Briggs <r...@redhat.com> Sr. S/W Engineer, Kernel Security, Base Operating Systems Remote, Ottawa, Red Hat Canada IRC: rgb, SunRaycer Voice: +1.647.777.2635, Internal: (81) 32635 -- Linux-audit mailing list Linux-audit@redhat.com https://listman.redhat.com/mailman/listinfo/linux-audit