We have the Linux agent installed on some Ubuntu servers and this connector enabled, what mechanism for auditing the command line was this connector designed for or does the agent itself handle the logging. It is my understanding that there isn't necessarily a standard way in which linux command lines are audited, so I'm unlikely to stumble upon the right configuration by brute force
Is there anything that needs to be done on the servers to kick this off?
Thanks!