======4.1.2 Ensure auditd service is enabled (Scored)======
=====Profile Applicability=====  
<code>
Level 2 - Server
Level 2 - Workstation 
</code>

=====Description=====
Turn on the ''auditd'' daemon to record system events.

=====Rationale=====
The capturing of system events provides system administrators with information to allow them to determine if unauthorized access to their system is occurring.

=====Audit===== 
Run the following command to verify ''auditd'' is enabled:
<Code:bash>
# systemctl is-enabled auditd 
enabled
</Code>
Verify result is "enabled".

=====Remediation===== 
Run the following command to enable ''auditd'':
<Code:bash>
# systemctl enable auditd
</Code>