Linux Server Admin with Fexingo: Sysadmin, Bash, and Server Engineering

Linux Server Auditing with Auditd for Security Compliance


Listen Later

In this episode of Linux Server Admin with Fexingo, Lucas and Luna dive into Linux server auditing using auditd. They explain how to set up audit rules to monitor file access, track user commands, and detect unauthorized changes. Key topics include installing auditd, creating persistent rules with auditctl, generating reports with aureport, and searching logs with ausearch. The hosts use a concrete example: monitoring changes to /etc/shadow and /etc/passwd to catch privilege escalation attempts. They also discuss how auditd fits into compliance frameworks like SOC 2 and PCI-DSS. By the end, listeners learn how to build a lightweight auditing layer that runs alongside tools like Falco and Logwatch. Perfect for sysadmins who need to pass audits or investigate incidents without deploying heavy SIEM infrastructure.

#LinuxServerAuditing #Auditd #SecurityCompliance #Sysadmin #LinuxSecurity #Auditctl #Aureport #Ausearch #ServerHardening #Compliance #SOC2 #PCIDSS #FileIntegrityMonitoring #PrivilegeEscalation #Technology #Linux #FexingoBusiness #BusinessPodcast

Keep every episode free: buymeacoffee.com/fexingo

...more
View all episodesView all episodes
Download on the App Store

Linux Server Admin with Fexingo: Sysadmin, Bash, and Server EngineeringBy Fexingo