audit(4)
Name
audit − audit log interface
Description
This is a special character device that provides an interface for the audit daemon process, /etc/sec/auditd, to the kernel audit buffers.
Restrictions
This device should be readable and writable only by root, to protect access by nonsystem processes. The major number assigned to this device must correlate with the corresponding major number designation in the system kernel.
Files
/dev/audit