Auditd.conf

Tuning auditd: high-performance Linux Auditing

accounting
auditctl
auditd
auditd.conf
performance
tuning

To achieve better performance with a auditd configuration, it needs to be tuned. See performance boosters like events exclusion, rule ordering, and more.

Linux Audit Framework 101 – Basic Rules for Configuration

audit
audit.rules
auditctl
auditd
auditd.conf
ausearch

The Linux audit framework is a very powerful tool to monitor files, directories, and system calls. Learn how to configure it.

Linux audit: Log files in /var/log/audit

audit
auditd
auditd.conf
rsyslog

This article describes the purpose of the audit.log file in /var/log/audit and the relationship with the Linux audit framework.