ADM or administration group
Users in the adm group have read permissions on all logs in /var/log. This could allow them to access sensitive information such as passwords, error messages, and system activity. This could lead to finding credentials or other sensitive information.
$ id
uid=1002(auser) gid=1002(auser) groups=1002(auser),4(adm)Aureport
Aureport is a command-line utility which can be used to create reports from audit log files stored in /var/log/audit/. It can create crypto reports or reports from tty keystrokes.
In Linux, TTY (TeleTypewriter) refers to a text-based interface that allows you to interact with the system, aureport can log TTY using the --tty flag.