Open-AudIT https://www.open-audit.org/phpBB3/ |
|
schedule audits with systemd & RHEL 7 https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=6417 |
Page 1 of 1 |
Author: | shanimal [ Fri Mar 20, 2015 2:03 am ] |
Post subject: | schedule audits with systemd & RHEL 7 |
Here is one way to schedule a daily audit in RedHat Enterprise Linux 7 using systemd Copy the audit_linux.sh file to /usr/share change the permissions so that the root user has full access: chmod +rx /usr/share/audit_linux.sh chown root /usr/share/audit_linux.sh chgrp root /usr/share/audit_linux.sh Create an OpenAudit Service file at the following location /usr/lib/systemd/system/OpenAudit.service include the following three sections: Unit, Service & Install [Unit] Description=OpenAudit [Service] Type=simple ExecStart=/usr/share/audit_linux.sh [Install] WantedBy=multi.user.target Create an OA.timer file at the following location /usr/lib/systemd/system/OA.timer include the following three sections: Unit, Timer & Install [Unit] Description=Daily audit [Timer] OnCalendar=*-*-* 10:50:01 Unit=OpenAudit.service [Install] WantedBy=multi.user.target note this will audit daily at 10:50am. If you want to audit weekly try this line instead: OnCalendar=weekly This will audit every week at 00:00:00 on Monday Now activate and set to always be running using the following two commands systemctl enable OA.timer systemctl start OA.timer To check status: systemctl status OA.timer The instructions should be similar with any OS that has access to systemd |
Page 1 of 1 | All times are UTC + 10 hours |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |