Centrify Audit & Monitoring Service advanced monitoring audit events
Centrify Event ID | Description | Parameters |
57200 |
Monitored program is executed |
syscall: system call exitcode: exit code timestamp: timestamp auid: login user uid: user procid: process id ppid: parent process id gid: group euid: effective user cwd: current working directory cmd: command argc: no of arguments args: arguments |
57201 |
Monitored program failed to execute |
syscall: system call exitcode: exit code timestamp: timestamp auid: login user uid: user procid: process id ppid: parent process id gid: group euid: effective user cwd: current working directory cmd: command argc: no of arguments args: arguments |
57300 |
Monitored file modification attempted |
syscall: system call exitcode: exit code timestamp: timestamp auid: login user uid: user procid: process id ppid: parent process id gid: group euid: effective user cwd: current working directory accType: access Type cmd: command argc: no of arguments args: arguments |
57301 |
Monitored file modification attempt failed |
syscall: system call exitcode: exit code timestamp: timestamp auid: login user uid: user procid: process id ppid: parent process id gid: group euid: effective user cwd: current working directory accType: access Type cmd: command argc: no of arguments args: arguments |
57400 |
Command execution is started |
syscall: syscall exitcode: exit code timestamp: timestamp auid: auid uid: uid pid: pid ppid: ppid gid: gid euid: euid cwd: current working directory command: command argc: no of arguments args: arguments |
57401 |
Command execution fails to start |
syscall: syscall exitcode: exit code timestamp: timestamp auid: auid uid: uid pid: pid ppid: ppid gid: gid euid: euid cwd: current working directory command: command argc: no of arguments args: arguments |