audit(4)audit(4)Nameaudit - audit log interface
This is a special character device that provides an interface for the
audit daemon process, to the kernel audit buffers.
This device should be readable and writable only by root, to protect
access by nonsystem processes. The major number assigned to this
device must correlate with the corresponding major number designation
in the system kernel.