• We had to restore from a backup today after a failed software update. Backup was from 0000 EDT and restored it at 0800 EDT so we lost about 8hrs. Today is 07/20/2024. More info here.

creating alert for unauthorize login and command fired

kaushalender

New Member
Joined
Mar 24, 2021
Messages
2
Reaction score
0
Credits
30
I am sorry if I am asking a very silly question but I am very new to security. Currently, I have a couple of requirement
1)Giving different level of access to a user on a Linux host like
L1 - Read-only who can only view the logs and configuration file
L2- With a restricted command like he can not delete any files
SME - Who can modify files Super user --- equal to root user
  1. if L1/L2 try to run an unauthorized command then one alert should be generated via email
3)If any configuration changes happen then one alert should be generated
How I can achieve these scenarios. Kindly help
Thanks in advance
Kaushal
 


Top