Recording system events with auditd
Audits are critical for system administrators to detect security violations and track security-relevant information on their systems. Anyone concerned about the security, stability, and proper operation of their Linux servers should conduct an audit. How to do auditing in linux One simple way is to use the history command to observe the shell’s history, but this has many limitations. One of them is that this command is only applicable to the current user....