Troubleshooting guide for Lynis

Troubleshooting Lynis This document helps with solving most common issues experienced when running Lynis. Errors No hostid and/or hostid2 found Some systems do not have the OpenSSH server package installed. In this case, the hostid2 value may be missing. During the upload it may result in an error. Error: No hostid and/or hostid2 found. Can not upload report file. To see what Lynis discovered, use the show command. lynis show hostids If the hostid2 is missing, we can tell Lynis […]

Read more

Tuning auditd: high-performance Linux Auditing

The Linux Audit framework is a powerful tool to audit system events. From running executables up to system calls, everything can be logged. However, all this audit logging comes at the price of decreased system performance. Let’s have a look at how we can optimize our audit rules. Performance tips Good auditd performance will reduce stress on the Linux kernel and lower its impact. Before changing anything to your system, we suggest benchmarking your system performance before and after. This […]

Read more

Linux Audit Framework 101 – Basic Rules for Configuration

Starting with Linux auditing can be overwhelming. Fortunately, there is a great feature in the Linux kernel to watch events and log them for us. To give you a quick start to use the Linux Audit Framework, we have collected some basic rules for configuring the audit daemon and its rules. Main Configuration By default the configuration values in /etc/audit/audit.conf are suitable for most systems. If you know your system is very low or very high (e.g. mainframe) on resources, […]

Read more