Auditd Agent Options

Auditd is the userspace component to the Linux Auditing System that is responsible for writing audit records to the disk. Using the Auditd option, you can change the auditd tool settings to comply with the Security Technical Information Guidelines (STIG) recommendations.

➢

To set Auditd options according to STIG:

1.

From the Security menu, choose Auditd Options, and then press Enter.

Auditd Options

2.

Type y to enable auditd settings according to STIG recommendations.

Audit records are saved in the following /var/log/audit/ directory.