Is anybody else out there using Auditd on Linux with LEM to accomplish Change Detection?
If so, would you mind sharing the Auditd configuration you are using?
