Periodically I’ve had auditors come to me and say “can you tell me what this user on this system did between such-and-such dates/times” and my answer is usually no. By default, Linux systems don’t log this info. But they can. In this tutorial, I’ll show you how to use auditd, which is a daemon you […]