The Linux Audit Framework or Linux Auditing System is a component of the Linux Kernel frequently used in cybersecurity and systems administration contexts providing auditing capabilities for system calls, file accesses, permission changes, etc.
It provides components such as auditd, auditctl, ausearch, and ausyscall.
https://people.redhat.com/sgrubb/audit/