monitor and log every file access on redhat/linux

software suggestions to monitor and log EVERY file access on redhat/linux.
Who is Participating?
madunixConnect With a Mentor Commented:
Use auditd by configuring...
chkconfig auditd on
Add rules to the end of the /etc/audit/audit.rules file
Steve BinkConnect With a Mentor Commented:
The inotify-tools package is what you're looking for.

Note that monitoring *every* file access is going to put a huge load on your server.  Be prepared.
gheistConnect With a Mentor Commented:
audit is tool for job.
joolsConnect With a Mentor Commented:
It might be best to configure the service to monitor specific files/directories rather than everything or you will just drown in the noise!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.