PATH:
usr
/
share
/
doc
/
audit-2.8.5
/
rules
## If you are on a 64 bit platform, everything _should_ be running ## in 64 bit mode. This rule will detect any use of the 32 bit syscalls ## because this might be a sign of someone exploiting a hole in the 32 ## bit API. -a always,exit -F arch=b32 -S all -F key=32bit-abi
[-] README-rules
[edit]
[-] 30-stig.rules
[edit]
[-] 12-cont-fail.rules
[edit]
[-] 42-injection.rules
[edit]
[+]
..
[-] 10-no-audit.rules
[edit]
[-] 23-ignore-filesystems.rules
[edit]
[-] 22-ignore-chrony.rules
[edit]
[-] 70-einval.rules
[edit]
[-] 30-nispom.rules
[edit]
[-] 41-containers.rules
[edit]
[-] 40-local.rules
[edit]
[-] 43-module-load.rules
[edit]
[-] 32-power-abuse.rules
[edit]
[-] 21-no32bit.rules
[edit]
[-] 11-loginuid.rules
[edit]
[-] 20-dont-audit.rules
[edit]
[-] 12-ignore-error.rules
[edit]
[-] 71-networking.rules
[edit]
[-] 99-finalize.rules
[edit]
[-] 30-pci-dss-v31.rules
[edit]
[-] 10-base-config.rules
[edit]
[-] 31-privileged.rules
[edit]
[-] 30-ospp-v42.rules
[edit]