Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
Security and Hardening Guide
  1. About This Guide
  2. 1 Security and Confidentiality
  3. 2 Common Criteria
  4. I Authentication
    1. 3 Authentication with PAM
    2. 4 Using NIS
    3. 5 Setting Up Authentication Clients Using YaST
    4. 6 LDAP with 389 Directory Server
    5. 7 Network Authentication with Kerberos
    6. 8 Active Directory Support
    7. 9 Setting Up a FreeRADIUS Server
  5. II Local Security
    1. 10 Physical Security
    2. 11 Software Management
    3. 12 File Management
    4. 13 Encrypting Partitions and Files
    5. 14 Storage Encryption for Hosted Applications with cryptctl
    6. 15 User Management
    7. 16 Restricting cron and at
    8. 17 Spectre/Meltdown Checker
    9. 18 Configuring Security Settings with YaST
    10. 19 The Polkit authentication framework
    11. 20 Access Control Lists in Linux
    12. 21 Intrusion Detection with AIDE
  6. III Network Security
    1. 22 X Window System and X Authentication
    2. 23 Securing network operations with OpenSSH
    3. 24 Masquerading and Firewalls
    4. 25 Configuring a VPN Server
    5. 26 Improving Network Security with sysctl Variables
    6. 27 Enabling compliance with FIPS 140-2
  7. IV Confining Privileges with AppArmor
    1. 28 Introducing AppArmor
    2. 29 Getting Started
    3. 30 Immunizing Programs
    4. 31 Profile Components and Syntax
    5. 32 AppArmor Profile Repositories
    6. 33 Building and Managing Profiles with YaST
    7. 34 Building Profiles from the Command Line
    8. 35 Profiling Your Web Applications Using ChangeHat
    9. 36 Confining Users with pam_apparmor
    10. 37 Managing Profiled Applications
    11. 38 Support
    12. 39 AppArmor Glossary
  8. V SELinux
    1. 40 Configuring SELinux
  9. VI The Linux Audit Framework
    1. 41 Understanding Linux Audit
    2. 42 Setting Up the Linux Audit Framework
    3. 43 Introducing an Audit Rule Set
    4. 44 Useful Resources
  10. A Payment Card Industry Data Security Standard (PCI DSS)
  11. B GNU-Lizenzen
Applies to SUSE Linux Enterprise Server 15 SP2

44 Useful Resources

There are other resources available containing valuable information about the Linux audit framework:

The Audit Manual Pages

There are several man pages installed along with the audit tools that provide valuable and very detailed information:


The Linux audit daemon


The Linux audit daemon configuration file


A utility to assist controlling the kernel's audit system


A program similar to strace


A tool to query audit daemon logs


A tool that produces summary reports of audit daemon logs


The audit event dispatcher configuration file


The audit event dispatcher daemon talking to plug-in programs.


The home page of the Linux audit project. This site contains several specifications relating to different aspects of Linux audit, and a short FAQ.


The audit package itself contains a README with basic design information and sample .rules files for different scenarios:

capp.rules: Controlled Access Protection Profile (CAPP)
lspp.rules: Labeled Security Protection Profile (LSPP)
nispom.rules: National Industrial Security Program Operating Manual Chapter 8(NISPOM)
stig.rules: Secure Technical Implementation Guide (STIG)

The official Web site of the Common Criteria project. Learn all about the Common Criteria security certification initiative and which role audit plays in this framework.

Print this page