====== Ubuntu - Auditing - Install auditd ======

<code bash>
sudo apt-get install auditd
</code>

This will install some tools related to auditd tool.  Here are the tools:

  * **auditctl** ; is a tool to control the behaviour of the daemon on the fly, adding rules, etc.
  * **/etc/audit/audit.rules** ; is the file that contains audit rules.
  * **aureport** ; is tool to generate and view the audit report.
  * **ausearch** ; is a tool to search various events.
  * **auditspd** ; is a tool which can be used to relay event notifications to other applications instead of writing them to disk in the audit log.
  * **autrace** ; is a command that can be used to trace a process.
  * **/etc/audit/auditd.conf** ; is the configuration file of auditd tool.