Title:
Ensure events that modify the sudo log file are collected
Description:
Monitor the sudo log file. If the system has been properly configured to disable the use of
the su command and force all administrators to have to log in first and then use sudo to
execute privileged commands, then all administrator commands will be logged to
/var/log/sudo.log . Any time a command is executed, ...