auditd服务正常运行
root@hgu:~# service auditd status
?.auditd.service - Security Auditing Service
Loaded: loaded (/lib/systemd/system/auditd.service; enabled; vendor preset: e
nabled)
Active: active (running) since Thu 2016-02-11 16:28:01 UTC; 28s ag
o
Process: 186 ExecStartPost=/sbin/auditctl -R /etc/audit/audit.rules (code=exit
ed, status=0/SUCCESS)
Main PID: 185 (auditd)
CGroup: /system.slice/auditd.service
?..185 /sbin/auditd -n
Feb 11 16:28:01 hgu systemd[1]: Started Security Auditing Service.
Feb 11 16:28:01 hgu auditctl[186]: No rules
Feb 11 16:28:01 hgu auditctl[186]: enabled 1
Feb 11 16:28:01 hgu auditctl[186]: failure 1
Feb 11 16:28:01 hgu auditctl[186]: pid 185
Feb 11 16:28:01 hgu auditctl[186]: rate_limit 0
Feb 11 16:28:01 hgu auditctl[186]: backlog_limit 320
Feb 11 16:28:01 hgu auditctl[186]: lost 0
Feb 11 16:28:01 hgu auditctl[186]: backlo