Insight: How to Install Audit Tool in RHEL/CentOS/Fedora
Let’s jump into the process of installing audit tool in RHEL, CentOS and Fedora operating system.
Install Audit Tool In RHEL/CentOS/Fedora
Run the following command to make sure that the audit tool is installed on your system:
rpm -qa | grep audit
If not installed, run the following command to install Audit tool in RedHat, CentOS and Fedora.
yum install audit
In next step, check if auditd tool is enabled and running in your system:
For CentOS/RHEL 6 # service auditd status # service auditd start [Start] # chkconfig auditd on [Enable] For CentOS/RHEL 7 # systemctl is-enabled auditd # systemctl status auditd # systemctl start auditd [Start] # systemctl enable auditd [Enable]
You can configure auditd using the main configuration file /etc/audit/auditd.conf.
# vi /etc/audit/auditd.conf