https://github.com/jquiterio/auquery

Linux auditd report and query
https://github.com/jquiterio/auquery

auditd linux python security-audit

Last synced: 26 days ago
JSON representation

Linux auditd report and query

• Host: GitHub
• URL: https://github.com/jquiterio/auquery
• Owner: jquiterio
• Created: 2019-08-03T10:27:26.000Z (almost 7 years ago)
• Default Branch: master
• Last Pushed: 2020-06-06T17:52:06.000Z (about 6 years ago)
• Last Synced: 2025-09-20T09:29:02.519Z (9 months ago)
• Topics: auditd, linux, python, security-audit
• Language: Python
• Homepage: https://pypi.org/project/auquery
• Size: 17.6 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml

Awesome Lists containing this project

README

          
[![PyPI version](https://badge.fury.io/py/auquery.svg)](https://badge.fury.io/py/auquery)

Defaults

--

auditd log dir is /var/log/audit

Requirements

--

- python3

- Make sure that auditd logs to /var/log/audit or set environment variable AUQUERY_LOG_DIR to a directory where logs are located.

- Make sure that user who run auquery is able to read to AUQERY_LOG_DIR

Install

--

pip install auquery

Run

--

auquery

or 

sudo auquery

TODO

--

- Parse audit logs directly from kernel (without log files dependency)