HEX
Server: Apache/2.4.65 (Unix) OpenSSL/1.1.1k
System: Linux srv820.techno-vate.net 4.18.0-553.109.1.el8_10.x86_64 #1 SMP Mon Mar 2 09:33:18 EST 2026 x86_64
User: bheot (1024)
PHP: 8.1.30
Disabled: NONE
$ pwd: /usr/share/audit/sample-rules/
Upload Files
File: //usr/share/audit/sample-rules/32-power-abuse.rules
## The purpose of this rule is to detect when an admin may be abusing power
## by looking in user's home dir.
-a always,exit -F dir=/home -F uid=0 -F auid>=1000 -F auid!=unset -C auid!=obj_uid -F key=power-abuse
@ Telegram