View auditd useful commands #Adding/Modifying Rules # Watch for files auditctl –w /etc/yum.conf -p wa -k yum_watch auditctl –w /usr/bin/nmap -p x -k nmap_watch auditctl –w /etc/shadow ...Read More