audit_request_signal_info - Linux


audit_request_signal_info is a Linux command used to send signals to the audit daemon (auditd). It initiates or cancels an audit record containing the signal information.


audit_request_signal_info -c | -d <signal>


  • -c: Cancel the signal information request.
  • -d : Send a signal to auditd. The signal can be any valid signal number (e.g., 12 for SIGUSR2).


Cancel a signal information request:

audit_request_signal_info -c

Send signal 12 (SIGUSR2) to auditd:

audit_request_signal_info -d 12

Common Issues

Deprecation: The audit_request_signal_info command has been deprecated and replaced with the ausearch command. It is still available for backward compatibility, but it is recommended to use ausearch instead.


The audit_request_signal_info command can be used with other auditing tools, such as ausearch and auditctl, to manage audit events and policies.

Related Commands

  • auditctl: Controls the Linux audit subsystem.
  • ausearch: Searches and displays audit events.
  • auditd: The Linux audit daemon.