..
    generated, remove this comment to keep this file

``audit``
=========

.. code-block:: console

    $ target-query <path/to/target> -f audit


.. list-table:: Details
    :widths: 20 80

    * - Module
      - ``os.unix.log.audit.AuditPlugin``
    * - Output
      - ``records``

**Module documentation**

No documentation

**Function documentation**

Return CentOS and RedHat audit information stored in /var/log/audit*.

The audit log file on a Linux machine stores security-relevant information.
Based on pre-configured rules. Log messages consist of space delimited key=value pairs.

References:
    - https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/chap-system_auditing
    - https://linux-audit.com/linux-audit-log-files-in-var-log-audit/
    - https://man7.org/linux/man-pages/man8/auditd.8.html
    - https://man7.org/linux/man-pages/man8/ausearch.8.html
    - https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-understanding_audit_log_files