Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
documentation.suse.com / SUSE Linux Enterprise Server 文档 / Security and Hardening Guide / The Linux Audit Framework / Useful Resources
Applies to SUSE Linux Enterprise Server 12 SP5

36 Useful Resources

There are other resources available containing valuable information about the Linux audit framework:

The Audit Manual Pages

There are several man pages installed along with the audit tools that provide valuable and very detailed information:


The Linux audit daemon


The Linux audit daemon configuration file


A utility to assist controlling the kernel's audit system


A program similar to strace


A tool to query audit daemon logs


A tool that produces summary reports of audit daemon logs


The audit event dispatcher configuration file


The audit event dispatcher daemon talking to plug-in programs.


The home page of the Linux audit project. This site contains several specifications relating to different aspects of Linux audit, and a short FAQ.


The audit package itself contains a README with basic design information and sample .rules files for different scenarios:

capp.rules: Controlled Access Protection Profile (CAPP)
lspp.rules: Labeled Security Protection Profile (LSPP)
nispom.rules: National Industrial Security Program Operating Manual Chapter 8(NISPOM)
stig.rules: Secure Technical Implementation Guide (STIG)

The official Web site of the Common Criteria project. Learn all about the Common Criteria security certification initiative and which role audit plays in this framework.