Hypothesis

4 Matching Annotations

Last 7 days
koansoftware.com koansoftware.com

Comprehensive guide to Auditd for Linux Embedded systems

3
1. ali78k 20 Oct 2025
  
  in Public
  
  -S Syscall: specifies which system call (syscall) should be monitored.
  
  See this for reference: https://filippo.io/linux-syscall-table/
2. ali78k 20 Oct 2025
  
  in Public
  
  exit
  
  the event to be logged should occur when a system call finishes, rather than when it starts or during its execution
3. ali78k 20 Oct 2025
  
  in Public
  
  always
  
  always monitor
Visit annotations in context

Annotators

ali78k

URL

koansoftware.com/comprehensive-guide-to-auditd-for-linux-embedded-systems/
Oct 2025
documentation.wazuh.com documentation.wazuh.com

Creating custom FIM rules - File integrity monitoring

1
1. ali78k 15 Oct 2025
  
  in Public
  
  Trigger alerts when execute permission is added to a script
  
  Good Idea for the /tmp directory! isn't it?
Visit annotations in context

Annotators

ali78k

URL

documentation.wazuh.com/current/user-manual/capabilities/file-integrity/creating-custom-fim-rules.html