auditd-config

This configuration file for Auditd is designed for the MITRE ATT&CK Evaluation. It was tested with Deep Security Manager™ 12 LTS with DSRU version 20-038 and above, and with Deep Security Agent version 12.

Instructions on configuring Auditd and the appropriate Log Inspection Rules can be found here: https://success.trendmicro.com/solution/000266142

Support

This Auditd config can be tuned to fit the customer's infrastructure and environment. Project contributors may be able to help, depending on their time and availability. Please be specific about what you're trying to do, your system, and the steps to reproduce the problem.

Official support from Trend Micro is not available. Individual contributors may be Trend Micro employees, but are not official support.

If you have questions about using the auditd-config with the Deep Security Log Inspection Module, consider asking on Stack Overflow. Tag your question with deepsecurity and it will get pushed to our internal automation support Slack channel.

Contribute

We accept contributions from the community. To submit changes:

  1. Fork this repository.
  2. Create a new feature branch.
  3. Make your changes.
  4. Submit a pull request with an explanation of your changes or additions.

We will review and work with you to release the Auditd Config file changes.