CMAuditd is a free and open-source GUI designed to be used with Auditd, which is the userspace component to the Linux Auditing System. It tracks security-relevant information on your system based on the rules, defined in its configuration file.
The Audit log entries record the information about the events taking place in the kernel space of your system. This information is also crucial for critical environments to determine the violation of security policies. The audit logs are used to monitor systems for suspicious activity but it does not provide additional security to your system.
CMAuditd provides UI for Auditd service and prevents us to not to remember and type all different commands and shifting among the terminals. There are some steps for setup:
- Download the package: https://github.com/mismailzz/CMAuditd
- Auditd, Python must be installed on your Linux (like Debian, etc) machine.
- You have to create a new auditd.log file on the specified location (below)
root@cybermizz:~# nano /var/log/audit/auditd.log
- Change the log path from the auditd.conf
root@cybermizz:~# nano /etc/audit/auditd.conf
change the log_file path to
log_file = /var/log/audit/auditd.log
- Run is as rootroot@cybermizz:~# python cmauditd.py
- The tutorial of CMAuditd is available on the link below: https://www.youtube.com/watch?v=QBx_eZdzI4k