Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

FreeBSD Handbook
Prev Chapter 17 Security Event Auditing Next

17.3 Installing Audit Support

User space support for Event Auditing is installed as part of the base FreeBSD operating system. In FreeBSD 7.0 and later, kernel support for Event Auditing is compiled in by default. In FreeBSD 6.X, support must be explicitly compiled into the kernel by adding the following lines to the kernel configuration file:

options    AUDIT

Rebuild and reinstall the kernel via the normal process explained in Chapter 8.

Once an audit-enabled kernel is built, installed, and the system has been rebooted, enable the audit daemon by adding the following line to rc.conf(5):

auditd_enable="YES"

Audit support must then be started by a reboot, or by manually starting the audit daemon:

/etc/rc.d/auditd start
Prev Home Next
Key Terms in this Chapter Up Audit Configuration

 
 
  Published under the terms of the FreeBSD Document Project