Install and Enable auditd Service Install and turn on the auditd daemon to record system events.

[yes/no]

The capturing of system events provides system administrators with information to allow them to determine if unauthorized access to their system is occurring. Fix: Install auditd: # apt-get install auditd If needed create proper start links for auditd in /etc/rc*.d by running the following command from each of the relevant directories: # ln -s ../init.d/auditd S37auditd Start links should be created for run levels 2, 3, 4, and 5.