Hi, I would like to keep an audit log of any filesystem actions, not through just Samba.
Is it safe/possible to install auditd in Univention and use it to audit directories?
Gerald
Hi, I would like to keep an audit log of any filesystem actions, not through just Samba.
Is it safe/possible to install auditd in Univention and use it to audit directories?
Gerald
Yes, see Auditd und acct
auditd
you have to enable the unmaintained
repository, e.g. sudo ucr set repository/online/unmaintained=yes
and univention-install auditd
.Repository Settings
and Package management
.I recently wrote a private blog article about how to use audit
, which also includes examples for logging file access.
Be warned that enabling too much logging can dramatically reduce the performance of your system!