I have a requirement for daily report of Linux sudo activity.
I came to know that the LDAP log will tell me if the user successfully has access, and sudo log will tell me what the execute request is and where?
Can I relate both logs using a common keyword or something to fetch results of both? I don't see one. Is there any approach tried by anyone on this, please let me know asap!
↧
Are there related fields between sudo log and LDAP log? I want to monitor daily Linux sudo activity.
↧