Created
January 23, 2023 18:07
-
-
Save DavidHoenisch/444a3b4a26af7243b6b200f175dc5aec to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [[ $UID -ne 0 ]]; then | |
| echo "Please run with sudo" | |
| exit 1 | |
| fi | |
| ## check what distrobution of linux is being run. Supported versions are CentOS, debian, Ubuntu, Amazon Linux | |
| if [ -f /etc/redhat-release ]; then | |
| OS="CentOS" | |
| elif [ -f /etc/debian_version ]; then | |
| OS="Debian" | |
| elif [ -f /etc/lsb-release ]; then | |
| OS="Ubuntu" | |
| elif [ -f /etc/system-release ]; then | |
| OS="Amazon Linux" | |
| else | |
| echo "This script is not supported on this OS" | |
| exit 1 | |
| fi | |
| echo "detected OS is $OS" | |
| echo " " | |
| ## If debian based distro is detected | |
| if [ "$OS" == "Debian" ] || [ "$OS" == "Ubuntu" ]; then | |
| apt install auditd -y | |
| systemctl enable auditd | |
| systemctl start auditd | |
| curl https://raw.githubusercontent.com/Neo23x0/auditd/master/audit.rules > /etc/audit/rules.d/audit.rules | |
| systemctl restart auditd | |
| ## If rhel based distro is detected | |
| elif [ "$OS" == "CentOS" ] || [ "$OS" == "Amazon Linux" ]; then | |
| yum install audit audit-libs -y | |
| systemctl enable auditd | |
| systemctl start auditd | |
| curl https://raw.githubusercontent.com/Neo23x0/auditd/master/audit.rules > /etc/audit/rules.d/audit.rules | |
| systemctl kill auditd | |
| systemctl start auditd | |
| fi | |
| exit |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment