Lightweight shipper for audit data from Linux kernel
Lightweight Shipper for Audit Data
auditbeat
$ auditbeat -e
$ auditbeat test config
$ auditbeat -c /etc/auditbeat/auditbeat.yml -e