Audit kernel repository

Clone this repo:
  1. 8d3bc9c audit: add a Linux Audit specific by Paul Moore · 4 weeks ago master
  2. 84df952 Linux 4.19 by Greg Kroah-Hartman · 4 weeks ago stable-4.20 v4.19
  3. 8e630c3 MAINTAINERS: Add an entry for the code of conduct by Greg Kroah-Hartman · 4 weeks ago
  4. f3f76d6 Code of Conduct: Change the contact email address by Greg Kroah-Hartman · 4 weeks ago
  5. d117a85 Code of Conduct Interpretation: Put in the proper URL for the committee by Greg Kroah-Hartman · 4 weeks ago

Linux Kernel Audit Subsystem

The Linux Audit subsystem provides a secure logging framework that is used to capture and record security relevant events. It consists of a kernel component which generates audit records based on system activity, a userspace daemon which logs these records to a local file or a remote aggregation server, and a set of userspace tools to for audit log inspection and post-processing.

The main Linux Kernel README can be found at Documentation/admin-guide/README.rst

Online Resources

The canonical audit kernel repository is hosted by

There is also an officially maintained GitHub mirror:

Userspace Tools and Test Suites

The audit userspace tools and test suites are hosted by GitHub: