Do take a look at https://github.com/Neo23x0/auditd. The idea of the configuration by Neo23x0 is to provide

• works out-of-the-box on all major Linux distributions
• fits most use cases
• produces a reasonable amount of log data
• covers security relevant activity
• is easy to read (different sections, many comments)

The Recommended Video by IPPSec