Ubuntu 22.04 Ensure audit_backlog_limit is configured in the kernel line in /etc/default/grub. /etc/default/grub ^\s*GRUB_CMDLINE_LINUX="(.*)"$ 1 /etc/default/grub ^\s*GRUB_CMDLINE_LINUX_DEFAULT="(.*)"$ 1 /etc/default/grub.d/[^/]+\.cfg ^\s*GRUB_CMDLINE_LINUX="(.*)"$ 1 /etc/default/grub.d/*.cfg ^\s*GRUB_CMDLINE_LINUX_DEFAULT="(.*)"$ 1 /boot/grub/grub.cfg ^.*/vmlinuz.*(root=.*)$ 1 ^(?:.*\s)?audit_backlog_limit= (?:\s.*)?$