Auditd Configuration Best Practices Logo

Auditd Configuration Best Practices

0
Free
Updated 11 March 2025
Security Operations
Linux
Security
Audit
Configuration
Pci Dss
Visit Website

The idea of this auditd configuration is to provide a basic configuration that works out-of-the-box on all major Linux distributions, fits most use cases, produces a reasonable amount of log data, covers security-relevant activity, and is easy to read with different sections and many comments. Sources: Gov.uk auditd rules, alphagov/puppet-auditd#1, CentOS 7 hardening, Linux audit repo, Auditd high-performance Linux auditing. Further rules for PCI DSS compliance and NISPOM compliance are available.

FEATURES

EXPLORE BY TAGS

Linux

Security

Audit

Configuration

Pci Dss

SIMILAR TOOLS

Nuxt Security Logo
Nuxt Security

Automatically configure your app to follow OWASP security patterns and principles with Nuxt Security module.

Free
Security Operations
COPS - Collaborative Open Playbook Standard Logo
COPS - Collaborative Open Playbook Standard

A DFIR Playbook Spec based on YAML for collaborative incident response processes.

Free
Security Operations
Datadog Logo
Datadog

Datadog offers a comprehensive suite of cybersecurity tools for various aspects of application and infrastructure monitoring.

Free
Security Operations
Investigative Analytics Platform by Cognyte Logo
Investigative Analytics Platform by Cognyte

An investigative analytics platform that uses machine learning to fuse and analyze data from multiple sources, enabling security organizations to extract insights and identify patterns for threat prevention and complex investigations.

Commercial
Security Operations
Unix-like Artifacts Collector UAC Logo
Unix-like Artifacts Collector UAC

A Live Response collection script for Incident Response that automates the collection of artifacts from various Unix-like operating systems.

Free
Security Operations
AWS Elastic Disaster Recovery Logo
AWS Elastic Disaster Recovery

Scalable, cost-effective application recovery to AWS.

Free
Security Operations
Hardentools Logo
Hardentools

Tool to disable vulnerable features in Windows and popular applications for enhanced security.

Free
Security Operations
Incident Response Investigation System (IRIS) Logo
Incident Response Investigation System (IRIS)

A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.

Free
Security Operations
CORTEX XSOAR Logo
CORTEX XSOAR

Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.

Commercial
Security Operations

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy