Rsyslog

Linux audit: Log files in /var/log/audit

audit
auditd
auditd.conf
rsyslog

This article describes the purpose of the audit.log file in /var/log/audit and the relationship with the Linux audit framework.

Configuration and collecting of Linux audit events

audit
events
logging
rsyslog

Guide to setup central audit logging for your Linux based systems, with the use of the powerful Linux audit framework. No single audit log should get lost!