Log shell commands to syslog
export PROMPT_COMMAND=“${PROMPT_COMMAND:+$PROMPT_COMMAND ; }”‘echo $$ $USER “$(history 1)”|logger -p user.alert -t bash_history’ readonly PROMPT_COMMAND
auditd
auditd useful commands
#Adding/Modifying Rules # Watch for files auditctl –w /etc/yum.conf -p wa -k yum_watch auditctl –w /usr/bin/nmap -p x -k nmap_watch auditctl –w /etc/shadow -p… Read More »auditd useful commands