A presentation at IBM SHARE Denver in in Denver, CO, USA by Shawn Wells
Why is Linux auditing needed? What can it do for me? How does it work? How do events get audited? How do I make sense of all the data? What is the difference between Linux’s syslog and audit facilities?