{"guid":"4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be","title":"Linux Audit Framework - An Introduction","subtitle":null,"slug":"2023-269-linux-audit-framework-an-introduction","link":"https://talks.mrmcd.net/2023/talk/VSBRVX/","description":"Der Kernel implementiert ein Auditing Framework, um Syscalls und Zugriffe auf Dateien zu loggen. Damit lässt sich genau nachverfolgen, was auf den Systemen passiert, um z.B. effektives Security Monitoring umzusetzen. Der Vortrag gibt einen Überblick über die Architektur des Frameworks sowie auch die Userland-Komponente Auditd.","original_language":"deu","persons":["Sergej Schmidt"],"view_count":238,"promoted":false,"date":"2023-09-02T17:00:00.000+02:00","release_date":"2023-09-02T00:00:00.000+02:00","updated_at":"2026-04-21T11:00:05.334+02:00","tags":["mrmcd23","269","2023","Darmstadt","mrmcd23"],"length":3217,"duration":3217,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd23/269-4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd23/269-4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be_preview.jpg","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd23/269-4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd23/269-4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/2023-269-linux-audit-framework-an-introduction","url":"https://api.media.ccc.de/public/events/4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be","conference_title":"MRMCD 2023 - Wem gehört die 
Wirklichkeit?","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd23","related":[],"recordings":[{"size":305,"length":3217,"mime_type":"video/webm","language":"deu","filename":"mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2023-09-03T19:55:36.827+02:00","recording_url":"https://cdn.media.ccc.de/events/mrmcd/mrmcd23/webm-hd/mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/69992","event_url":"https://api.media.ccc.de/public/events/4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd23"},{"size":123,"length":3217,"mime_type":"video/webm","language":"deu","filename":"mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2023-09-02T23:13:05.171+02:00","recording_url":"https://cdn.media.ccc.de/events/mrmcd/mrmcd23/webm-sd/mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/69899","event_url":"https://api.media.ccc.de/public/events/4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd23"},{"size":30,"length":3217,"mime_type":"audio/opus","language":"deu","filename":"mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2023-09-02T22:23:34.142+02:00","recording_url":"https://cdn.media.ccc.de/events/mrmcd/mrmcd23/opus/mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_opus.opus","url":"https://api.media.ccc.de/public/recordings/69894","event_url":"https://api.media.ccc.de/public/events/4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd23"},{
"size":49,"length":3217,"mime_type":"audio/mpeg","language":"deu","filename":"mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2023-09-02T22:21:02.731+02:00","recording_url":"https://cdn.media.ccc.de/events/mrmcd/mrmcd23/mp3/mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/69892","event_url":"https://api.media.ccc.de/public/events/4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd23"},{"size":112,"length":3217,"mime_type":"video/mp4","language":"deu","filename":"mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2023-09-02T22:13:04.794+02:00","recording_url":"https://cdn.media.ccc.de/events/mrmcd/mrmcd23/h264-sd/mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_sd.mp4","url":"https://api.media.ccc.de/public/recordings/69887","event_url":"https://api.media.ccc.de/public/events/4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd23"},{"size":323,"length":3217,"mime_type":"video/mp4","language":"deu","filename":"mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2023-09-02T21:48:48.903+02:00","recording_url":"https://cdn.media.ccc.de/events/mrmcd/mrmcd23/h264-hd/mrmcd23-269-deu-Linux_Audit_Framework_-_An_Introduction_hd.mp4","url":"https://api.media.ccc.de/public/recordings/69881","event_url":"https://api.media.ccc.de/public/events/4eecd24a-ccd0-5a87-aacf-6c79d7d7c8be","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd23"}]}