`audit`#

$ target-query <path/to/target> -f audit

Details#
Module	`os.unix.log.audit.AuditPlugin`
Output	`records`

Module documentation

No documentation

Function documentation

Return CentOS and RedHat audit information stored in /var/log/audit*.

The audit log file on a Linux machine stores security-relevant information. Based on pre-configured rules. Log messages consist of space delimited key=value pairs.

References:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/chap-system_auditing
https://linux-audit.com/linux-audit-log-files-in-var-log-audit/
https://man7.org/linux/man-pages/man8/auditd.8.html
https://man7.org/linux/man-pages/man8/ausearch.8.html
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-understanding_audit_log_files

audit#

`audit`#