How To Install audit.x86_64 on Amazon Linux 2
In this tutorial we learn how to install audit.x86_64 in Amazon Linux 2. audit.x86_64 is User space tools for 2.6 kernel auditing
Introduction
In this tutorial we learn how to install audit.x86_64 on Amazon Linux 2.
What is audit.x86_64
The audit package contains the user space utilities for storing and searching the audit records generated by the audit subsystem in the Linux 2.6 and later kernels.
We can use yum to install audit.x86_64 on Amazon Linux 2. In this tutorial we discuss both methods but you only need to choose one of method to install audit.x86_64.
Install audit.x86_64 on Amazon Linux 2 Using yum
Update yum database with yum using the following command.
sudo yum makecache --refresh
After updating yum database, We can install audit.x86_64 using yum by running the following command:
sudo yum -y install audit.x86_64
How To Uninstall audit.x86_64 on Amazon Linux 2
To uninstall only the audit.x86_64 package we can use the following command:
sudo yum remove audit.x86_64
audit.x86_64 Package Contents on Amazon Linux 2
/etc/audisp
/etc/audisp/audispd.conf
/etc/audisp/plugins.d
/etc/audisp/plugins.d/af_unix.conf
/etc/audisp/plugins.d/syslog.conf
/etc/audit
/etc/audit/audit-stop.rules
/etc/audit/audit.rules
/etc/audit/auditd.conf
/etc/audit/rules.d
/etc/audit/rules.d/audit.rules
/sbin/audispd
/sbin/auditctl
/sbin/auditd
/sbin/augenrules
/sbin/aureport
/sbin/ausearch
/sbin/autrace
/usr/bin/aulast
/usr/bin/aulastlog
/usr/bin/ausyscall
/usr/bin/auvirt
/usr/lib/systemd/system/auditd.service
/usr/libexec/initscripts/legacy-actions/auditd
/usr/libexec/initscripts/legacy-actions/auditd/condrestart
/usr/libexec/initscripts/legacy-actions/auditd/restart
/usr/libexec/initscripts/legacy-actions/auditd/resume
/usr/libexec/initscripts/legacy-actions/auditd/rotate
/usr/libexec/initscripts/legacy-actions/auditd/stop
/usr/share/doc/audit-2.8.1
/usr/share/doc/audit-2.8.1/COPYING
/usr/share/doc/audit-2.8.1/ChangeLog
/usr/share/doc/audit-2.8.1/README
/usr/share/doc/audit-2.8.1/auditd.cron
/usr/share/doc/audit-2.8.1/rules
/usr/share/doc/audit-2.8.1/rules/10-base-config.rules
/usr/share/doc/audit-2.8.1/rules/10-no-audit.rules
/usr/share/doc/audit-2.8.1/rules/11-loginuid.rules
/usr/share/doc/audit-2.8.1/rules/12-cont-fail.rules
/usr/share/doc/audit-2.8.1/rules/12-ignore-error.rules
/usr/share/doc/audit-2.8.1/rules/20-dont-audit.rules
/usr/share/doc/audit-2.8.1/rules/21-no32bit.rules
/usr/share/doc/audit-2.8.1/rules/22-ignore-chrony.rules
/usr/share/doc/audit-2.8.1/rules/23-ignore-filesystems.rules
/usr/share/doc/audit-2.8.1/rules/30-nispom.rules
/usr/share/doc/audit-2.8.1/rules/30-pci-dss-v31.rules
/usr/share/doc/audit-2.8.1/rules/30-stig.rules
/usr/share/doc/audit-2.8.1/rules/31-privileged.rules
/usr/share/doc/audit-2.8.1/rules/32-power-abuse.rules
/usr/share/doc/audit-2.8.1/rules/40-local.rules
/usr/share/doc/audit-2.8.1/rules/41-containers.rules
/usr/share/doc/audit-2.8.1/rules/42-injection.rules
/usr/share/doc/audit-2.8.1/rules/43-module-load.rules
/usr/share/doc/audit-2.8.1/rules/70-einval.rules
/usr/share/doc/audit-2.8.1/rules/71-networking.rules
/usr/share/doc/audit-2.8.1/rules/99-finalize.rules
/usr/share/doc/audit-2.8.1/rules/README-rules
/usr/share/man/man5/audispd.conf.5.gz
/usr/share/man/man5/auditd.conf.5.gz
/usr/share/man/man5/ausearch-expression.5.gz
/usr/share/man/man7/audit.rules.7.gz
/usr/share/man/man8/audispd.8.gz
/usr/share/man/man8/auditctl.8.gz
/usr/share/man/man8/auditd.8.gz
/usr/share/man/man8/augenrules.8.gz
/usr/share/man/man8/aulast.8.gz
/usr/share/man/man8/aulastlog.8.gz
/usr/share/man/man8/aureport.8.gz
/usr/share/man/man8/ausearch.8.gz
/usr/share/man/man8/ausyscall.8.gz
/usr/share/man/man8/autrace.8.gz
/usr/share/man/man8/auvirt.8.gz
/var/log/audit
References
Summary
In this tutorial we learn how to install audit.x86_64 on Amazon Linux 2 using yum.