Linux – Monitor a specific file.

This issue is easy to solve.
Audit and audit-libs can be installed in Fedora distro Linux
using the DNF utility:

Check the service to be active:

If this is not active try to start or restart it with these commands:

Let’s create a audit rule configured on the server with the label/key named sshconfigchange to log every access or modification to the file: /etc/ssh/sshd_config, with this command:

The changes can be see with:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.