Auditd logging all commands


#1

I’m trying to achieve logging all commands, by following the instructions of this site. http://whmcr.com/2011/10/14/auditd-logging-all-commands/

I’ve installed auditd package from squeeze repository. And performed the following command:

$ sudo auditctl -a exit,alway -F arch=b64 -S all Error sending add rule request (Operation not supported)

Unfortunately I’m getting an error.

Can someone help me how I can add support for this operation?


#2

Hi, any success since march ? We would like to do something similar here.


#3

FYI there’s a typo “alway” not sure if that was just in the post…


#4
sudo auditctl -a exit,always -F arch=b64 -S all
Error sending add rule request (Operation not supported)

Same result.