73 results for “topic:auditd”
TUI for viewing logs from journald, auditd, file system, Docker and Podman containers, Compose stacks and Kubernetes pods with support for log highlighting and several filtering modes.
A Linux Auditd rule set mapped to MITRE's Attack Framework
Transform Linux Audit logs for SIEM usage
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
Ansible role to apply a security baseline. Systemd edition.
go-libaudit is a library for communicating with the Linux Audit Framework.
Hands-on projects for beginners to learn and practice essential cybersecurity skills through security assessments.
A library and a tool for converting audit logs to XML and JSON
ArchLinux setup which focuses on desktop security
Hardening the Linux operating system for Debian-like distributions.
Install and configure user mode auditd tools
!!! No longer recommended; use AuditBeat instead !!! Helper script for monitoring commands on Linux servers: ElasticSearch + Logstash + Kibana + Redis + Auditd
Proof-of-Concept to evade auditd by writing /proc/PID/mem
Demo for Elastic's Auditbeat and SIEM
Install and configure auditd on your system.
Proof-of-Concept to evade auditd by tampering via ptrace
Ansible role to install auditbeat for security monitoring. (Ruleset included)
Best practice configuration for Linux auditd for CIS and STIG standards, enhanced with LOTL detection rules.
A small Go program to read /var/log/audit/audit.log
Installs 7.X ELK Stack on CentOS, RHEL, Ubuntu, or Debian
logstash 5.4 auditd filter
OS-level runtime security for AI agents. Tamper-proof monitoring, behavioral detection, and audit trails.
:eyes: File monitoring software that will log file access to configured directories on the system.
The SIMP auditd Puppet Module
Puppet auditd module
An Ansible Role that installs Auditbeat on RedHat/CentOS or Debian/Ubuntu.
Secure Linux Debian Script
Simple Alpine image with auditd, intended for use together with Docker Desktop Kubernetes to allow building seccomp profiles with the kubernetes-sigs/security-profiles-operator
golang audisp client for auditd
Lightweight SOC lab with ELK, Suricata, ClamAV and Auditd — built and tested on a MacBook Air M1.