Is there any experience out there in using auditd (as known from Linux) on AIX (rather than using AIX's built-in audit subsystem)?
Might auditd eventually be more sensible when it comes to:
- sensible amount of data
- satisfying PCI DSS requirements
E.g. we'd like to restrict logging to activities on interactive shells by users w/ admin rights. This seems to be a problem w/ AIX audit.