There are other resources available containing valuable information about the Linux audit framework:
There are several man pages installed along with the audit tools that provide valuable and very detailed information:
auditd(8)
auditd.conf(8)
auditctl(8)
autrace(8)
ausearch(8)
aureport(8)
The home page of the Linux audit project. This site contains several specifications relating to different aspects of Linux audit as well as a short FAQ.
The audit package itself contains a README with basic design information along with some Red Hat–specific instructions and a sample.rules file demonstrating the basic capabilities of audit.
The official Web site of the Common Criteria project. Learn all about the Common Criteria security certification initiative and which role audit plays in this framework.