auditd
There are 67 repositories under the auditd topic.
Lifailon/lazyjournal
A TUI for reading logs from journald, auditd, file system, Docker containers, Compose stacks, Podman and Kubernetes pods with support for output coloring and multiple filtering modes.
bfuzzy/auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
threathunters-io/laurel
Transform Linux Audit logs for SIEM usage
wagga40/Zircolite
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
konstruktoid/ansible-role-hardening
Ansible role to apply a security baseline. Systemd edition.
elastic/go-libaudit
go-libaudit is a library for communicating with the Linux Audit Framework.
0xrajneesh/Security-Assessments-projects-for-Beginners
Hands-on projects for beginners to learn and practice essential cybersecurity skills through security assessments.
Scribery/aushape
A library and a tool for converting audit logs to XML and JSON
ShellCode33/ArchLinux-Hardened
ArchLinux setup which focuses on desktop security
ITNerdbox/OS-Hardening
Hardening the Linux operating system for Debian-like distributions.
chef-cookbooks/auditd
Install and configure user mode auditd tools
Mosuan/AuditdPy
!!! No longer recommended; use AuditBeat instead !!! Helper script for monitoring commands on Linux servers, ElasticSearch + Logstash + Kibana + Redis + Auditd
xeraa/auditbeat-in-action
Demo for Elastic's Auditbeat and SIEM
codewhitesec/apollon
Proof-of-Concept to evade auditd by writing /proc/PID/mem
codewhitesec/daphne
Proof-of-Concept to evade auditd by tampering via ptrace
robertdebock/ansible-role-auditd
Install and configure auditd on your system.
j91321/ansible-role-auditbeat
Ansible role to install auditbeat for security monitoring. (Ruleset included)
alex-leonhardt/auditr
A small Go program to read /var/log/audit/audit.log
steveandreassend/linux_auditd
Best practice configuration for Linux auditd for CIS and STIG standards, enhanced with LOTL detection rules.
dcsteve24/Ansible-Linux-Install-ELK-Stack
Installs 7.X ELK Stack on CentOS, RHEL, Ubuntu, or Debian
gurucleff/logstash-auditd
logstash 5.4 auditd filter
gibbs/puppet-auditd
Puppet auditd module
simp/pupmod-simp-auditd
The SIMP auditd Puppet Module
tricktux/file-audit-system
File monitoring software that will log file access to configured directories on the system.
angelbarrera92/ansible-role-auditbeat
An Ansible Role that installs Auditbeat on RedHat/CentOS or Debian/Ubuntu.
appvia/auditd-container
Simple Alpine image with auditd. Intended to be used in combination with docker-desktop Kubernetes to allow building seccomp profiles with the kubernetes-sigs/security-profiles-operator.
athoune/audisp-go
golang audisp client for auditd
lprat/SLDS
Secure Linux Debian Script
buluma/ansible-role-auditd
Install and configure auditd on your system.
JohnnyS1lverhand/tinysoc-lightweight-lab
Lightweight SOC lab with ELK, Suricata, ClamAV and Auditd — built and tested on a MacBook Air M1.
jquiterio/auquery
Linux auditd report and query
litew/linux-audit-notes
Notes about linux-audit subsystem (kernel & userspace)
mismailzz/CMAuditd_v2
CMAuditd (version 2) is a free and open-source GUI designed to be used with Auditd, which is the userspace component of the Linux Auditing System. It provides more functionality and a better interface than its previous version.
MVladislav/ansible-security
ansible-role to install and set up auditd, fail2ban and snmp.
usrtem/Digital-Forensics-Labwork
A collection of digital forensics lab reports covering Linux artifact recovery, shell history analysis, bash script forensics, and incident reconstruction using tools like SleuthKit, Auditd, and command-line utilities.
while-true-do/ansible-role-sys_audit
An Ansible Role to install and configure audit.