Linux command
aureport 命令
安全
权限或系统影响较大,执行前请核对目标。
常用示例
Example
sudo aureport
Example
sudo aureport -l
Example
sudo aureport -s
Example
sudo aureport -x
Example
sudo aureport -ts start_time -te end_time
Example
sudo aureport -t
说明
aureport generates summary reports from the Linux audit logs. It provides overviews of various event types including logins, authentication, files, syscalls, and anomalies.
参数
- -l, --login
- Report on login events
- -s, --syscall
- Report on syscall events
- -x, --executable
- Report on executable events
- -f, --file
- Report on file events
- -u, --user
- Report on user events
- -ts, --start _time_
- Start time for report
- -te, --end _time_
- End time for report
- -t, --log-time
- List audit files and their time ranges
- --summary
- Include summary statistics
- -i, --interpret
- Interpret numeric values to names
FAQ
What is the aureport command used for?
aureport generates summary reports from the Linux audit logs. It provides overviews of various event types including logins, authentication, files, syscalls, and anomalies.
How do I run a basic aureport example?
Run `sudo aureport` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -l, --login do in aureport?
Report on login events