nixos-config/common/services/auditd.nix

{
  security.auditd.enable = true;
  security.audit.enable = true;
  # security.audit.rules = [
  #   "-a exit,always -F arch=b64 -S execve"
  # ];
  # You can monitor these logs with journalctl -f. If you don't see any audit logs show up, ssh in from another window and run some commands like ls. You should see a flurry of them show up.
}
unfree packages no awawa 2024-04-22 06:39:13 +02:00			`{`
30% more stuff 2024-04-27 13:56:15 +02:00			`security.auditd.enable = true;`
			`security.audit.enable = true;`
unfree packages no awawa 2024-04-22 06:39:13 +02:00			`# security.audit.rules = [`
			`# "-a exit,always -F arch=b64 -S execve"`
			`# ];`
			`# You can monitor these logs with journalctl -f. If you don't see any audit logs show up, ssh in from another window and run some commands like ls. You should see a flurry of them show up.`
			`}`