Package audit

User space tools for 2.6 kernel auditing

http://people.redhat.com/sgrubb/audit/

The audit package contains the user space utilities for
storing and searching the audit records generated by
the audit subsystem in the Linux 2.6 and later kernels.

File Formats
File Description
audispd.conf the audit event dispatcher configuration file
auditd.conf audit daemon configuration file
ausearch-expression audit search expression format
Miscellanea
Name Description
audit.rules a set of rules loaded in the kernel audit system
System Administration
Command Description
audispd an event multiplexor
auditctl a utility to assist controlling the kernel's audit system
auditd The Linux Audit daemon
augenrules a script that merges component audit rule files
aulast a program similar to last
aulastlog a program similar to lastlog
aureport a tool that produces summary reports of audit daemon logs
ausearch a tool to query audit daemon logs
ausyscall a program that allows mapping syscall names and numbers
autrace a program similar to strace
auvirt a program that shows data related to virtual machines