Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Troubleshooting CentOS

You're reading from   Troubleshooting CentOS A practical guide to troubleshooting the CentOS 7 community-based enterprise server

Arrow left icon
Product type Paperback
Published in Jun 2015
Publisher
ISBN-13 9781785289828
Length 190 pages
Edition 1st Edition
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
Jonathan Hobson Jonathan Hobson
Author Profile Icon Jonathan Hobson
Jonathan Hobson
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Basics of Troubleshooting CentOS FREE CHAPTER 2. Troubleshooting Active Processes 3. Troubleshooting the Network Environment 4. Troubleshooting Package Management and System Upgrades 5. Troubleshooting Users, Directories, and Files 6. Troubleshooting Shared Resources 7. Troubleshooting Security Issues 8. Troubleshooting Database Services 9. Troubleshooting Web Services 10. Troubleshooting DNS Services Index

Auditing directories and files


An important task related to troubleshooting can arise from an understanding of activities commonly associated with the action of reading and writing files. CentOS 7 provides a simple utility for this. Known as auditd, this service (or daemon) starts during the boot process. Events are recorded to an associated log file found at /var/log/audit and as it runs in the background, you can check the current service status with:

# systemctl status | grep audit

It is possible to customize the auditing service and you can have direct access to manage the log file size, location, and associated attributes by accessing the following file with your favorite text editor:

# nano /etc/audit/auditd.conf

Moreover, if you do not wish to lose any auditing data, you are able to disable the machine when an audit cannot be performed. To do this, open the configuration file auditd.conf and add or modify the following lines:

max_log_file_action = keep_logs
space_left_action = email...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime