Auditctl
From wikinotes
Audit the linux kernel behaviour.
Examples
Audit TCP connections
auditctl -A exit,always -S connect # install log auditctl -d exit,always -S connect # uninstall log
Audit the linux kernel behaviour.
Audit TCP connections
auditctl -A exit,always -S connect # install log auditctl -d exit,always -S connect # uninstall log
