Setting up Centralized Logging with Auditd

In this post, I will talk about how to set up centralized logging using the Auditd daemon and the audisp-remote plugin. Auditd is the Linux Audit daemon, which is responsible for logging events according to the rules defined. The Auditd daemon passes the event records to the audit dispatcher, called audisp. The audit …

Logging for Docker

When moving from a development to a production environment, it becomes important to log commands issued to Docker for auditing purposes. Some reasons for doing so are: compliance with government requirements, auditing and tracing of issues, industry standards requirements, client/end-user requirements, and so on. Docker offers two types of logging mechanisms: containers and the Docker daemon. …