Use Auditd logs in OCI with Logging Service

Logs are important because if they are properly configured , they can provide information that usually can be missed. For Windows Instances, beside the normal Events, Sysmon is my preferred solution to enrich the Windows logs, but this will be part of a different blog entry.

One of the blogs that I would recommend to read before starting configuring auditd and OCI logging is this as it offers :

• Quick intro to the Linux Audit System
• Tips when writing audit rules