Install
openclaw skills install auditdAuditd
Linux Audit Framework reference. auditctl rules for file watches and syscall auditing, auditd.conf configuration, ausearch log queries, aureport summaries, audit.log format, CIS/PCI-DSS compliance rules, and audit tools.
auditd
Linux Audit Framework reference — kernel-level security auditing.
Commands
| Command | Description |
|---|---|
intro | What is auditd, architecture, quick start |
rules | auditctl watches, syscall rules, filters |
config | auditd.conf settings, rotation, disk actions |
search | ausearch by key, time, user, file |
report | aureport summaries, login, auth, file |
logs | audit.log format, field meanings |
compliance | CIS benchmark and PCI-DSS rules |
tools | auditctl, audit2allow, aulast, autrace |