LPIC-3 303 Configuring Audit Rules in CentOS 7

We can now take a little time to look at how you can create your own custom audit rules within the Linux Audit system. We will audit permission changes on the /etc/shadow file and pick up those changes with ausearch from the audit log. This is preparing you for the LPIC-3 303 exam in Linux Security
Additionally you can find my video courses on Pluralsight: http://pluralsight.com/training/Authors/Details/andrew-mallett and take time to see my own site http://www.theurbanpenguin.com