Centrify Audit & Monitoring Service advanced monitoring audit events

audit and monitoring service advanced monitoring audit events
Centrify Event ID Description Parameters

57200

Monitored program is executed

syscall: system call

exitcode: exit code

timestamp: timestamp

auid: login user

uid: user

procid: process id

ppid: parent process id

gid: group

euid: effective user

cwd: current working directory

cmd: command

argc: no of arguments

args: arguments

57201

Monitored program failed to execute

syscall: system call

exitcode: exit code

timestamp: timestamp

auid: login user

uid: user

procid: process id

ppid: parent process id

gid: group

euid: effective user

cwd: current working directory

cmd: command

argc: no of arguments

args: arguments

57300

Monitored file modification attempted

syscall: system call

exitcode: exit code

timestamp: timestamp

auid: login user

uid: user

procid: process id

ppid: parent process id

gid: group

euid: effective user

cwd: current working directory

accType: access Type

cmd: command

argc: no of arguments

args: arguments

57301

Monitored file modification attempt failed

syscall: system call

exitcode: exit code

timestamp: timestamp

auid: login user

uid: user

procid: process id

ppid: parent process id

gid: group

euid: effective user

cwd: current working directory

accType: access Type

cmd: command

argc: no of arguments

args: arguments

57400

Command execution is started

syscall: syscall

exitcode: exit code

timestamp: timestamp

auid: auid

uid: uid

pid: pid

ppid: ppid

gid: gid

euid: euid

cwd: current working directory

command: command

argc: no of arguments

args: arguments

57401

Command execution fails to start

syscall: syscall

exitcode: exit code

timestamp: timestamp

auid: auid

uid: uid

pid: pid

ppid: ppid

gid: gid

euid: euid

cwd: current working directory

command: command

argc: no of arguments

args: arguments