FreeBSD Security Event Auditing

FreeBSD 6.2-RELEASE and later include support for fine-grained security event auditing. Event auditing allows the reliable, fine-grained, and configurable logging of a variety of security-relevant system events, including logins, configuration changes, and file and network access. These log records can be invaluable for live system monitoring, intrusion detection, and postmortem analysis. FreeBSD implements Sun™'s published BSM API and file format, and is interoperable with both Sun's Solaris™ and Apple®'s Mac OS® X audit implementations.read more..