Can you elaborate on this? It is a UNIX environment, would this tell us what user made changes to a file in conjunction with file integrity alerts?
On Friday, November 9, 2012 12:13:53 PM UTC-6, dan (ddpbsd) wrote: > > On Fri, Nov 9, 2012 at 1:04 PM, mcrane0 <[email protected] <javascript:>> > wrote: > > Subject says it all. I'd like to know if it's possible to have Syscheck > or > > the File Integrity monitoring tools record what user made the change as > part > > of it's alerting capabilities. > > > > Thanks! > > That's still not an option. You might be able to utilize the auditing > functionality of your OS to log file changes and trigger alerts on > those log messages. >
