audgen man page on DigitalUNIX

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
DigitalUNIX logo
[printable version]

audgen(2)							     audgen(2)

       audgen - generate an audit record

       #include <sys/audit.h>

	       int event,
	       char *tokenp,
	       char *argv,
	       char *userbuff,
	       long *size );

       The audgen system call generates an audit record.

       The argument event is an integer indicating the event type of the oper‐
       ation being audited (see audit.h).  The value of event must be  between
       one  of the following values: MIN_TRUSTED_EVENT and MIN_TRUSTED_EVENT +
       N_TRUSTED_EVENTS -1 MIN_SITE_EVENT and MIN_SITE_EVENT  +	 n_site_events
       -1  The	number of site-defined events, n_site_events, is determined by
       the sysconfig sec parameter audit_site_events. Use sysconfig -q sec  to
       view  the  security  configuration controlled by /etc/sysconfigtab. See
       aud_sitevent(3) and  aud_sitevent_num(3)	 for  information  on  mapping
       site-defined event names and event numbers.

       The  tokenp  argument  is  a  null-terminated  array of token_type (see
       audit.h), each of which represents the type of argument	referenced  by
       the corresponding *argv argument.

       The argv argument is a pointer to an array containing either the actual
       arguments or pointers to those arguments that are to be recorded in the
       audit record.  A pointer to the actual argument is placed in that array
       when the argument is a string, array, or other variable	length	struc‐
       ture.  Arguments represented as an int or a long are placed directly in
       that array. The available public tokens are listed in the audit.h file.

       If size is nonzero, *size is the size of userbuff provided  to  audgen,
       and  the	 audit record created is not passed into the system audit data
       stream, but is copied out to userbuff. On return, *size is  updated  to
       the  number  of	bytes of data placed into userbuff. If the size of the
       audit record exceeds *size, then errno is set  to  E2BIG.  Applications
       can use this feature to create their own audit records.

       The audgen call is a privileged system call. No record is generated for
       the system audit data stream  if	 the  specified	 event	is  not	 being
       audited for the current process. The maximum number of arguments refer‐
       enced by argv is AUD_NPARAM (128) with  no  more	 than  8  of  any  one

       Upon  successful completion, audgen returns a value of 0. Otherwise, it
       returns a value of -1 and sets the global  integer  variable  errno  to
       indicate the error.

       The  audgen  system call fails under the following conditions: The user
       is not privileged for this  operation.	The  value  supplied  for  the
       event,  tokenp,	or argv argument is invalid.  The audit record exceeds
       the audit buffer size.  Indicates an attempt to use a system call  that
       is  not	configured.  The tokenmask data is invalid.  The size argument
       is non-zero, and the userbuff argument is invalid.  A value  referenced
       by the argv argument is invalid.

       Functions: audgenl(3), aud_sitevent(3), aud_sitevent_num(3)

       Commands: audgen(8)



List of man pages available for DigitalUNIX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net