I want logs when someone will create a new file , Modify and delete the file and who is the user and path that have been perform above action.
i tried auditbeat but whenever i was create file in some specific path and delete that and modify that file then i did not receive those logs why i don't know.
And i tried with RPM and tar and using yum install but when i was tried with RPM and Yum install then it will give me one error while tried to install template manually no any auditbeat.yml and field.yml find but actually is there.
and when i was tried using tar then it was worked fine but logs are not coming as how i want.
Okk now i am using auditbeat in windows machine and it is working fine for me i will explore latter in RHEL server thanks for your help.:slightly_smiling_face:
NEW: Monitor These Apps!
Apache Lucene, Apache Solr and all other Apache Software Foundation project and their respective logos are trademarks of the Apache Software Foundation.
Elasticsearch, Kibana, Logstash, and Beats are trademarks of Elasticsearch BV, registered in the U.S. and in other countries. This site and Sematext Group is in no way affiliated with Elasticsearch BV.
Service operated by Sematext