auditctl Command Examples

Utility to control the behavior, get status and manage rules of the Linux Auditing System. More information: https://manned.org/auditctl.

sudo auditctl -s

sudo auditctl -l

sudo auditctl -D

sudo auditctl -e {{1|0}}

sudo auditctl -a always,exit -F arch=b64 -F path={{/path/to/file}} -F perm=wa

sudo auditctl -a always,exit -F arch=b64 -F dir={{/path/to/directory/}} -F perm=wa

auditctl -h