audit man page on OpenIndiana

Man page or keyword search:  
man Server   20441 pages
apropos Keyword Search (all sections)
Output format
OpenIndiana logo
[printable version]

audit(1M)		System Administration Commands		     audit(1M)

NAME
       audit - control the behavior of the audit daemon

SYNOPSIS
       audit -n | -s | -t | -v [path]

DESCRIPTION
       The  audit command is the system administrator's interface to maintain‐
       ing the audit trail. The audit daemon can be notified to read the  con‐
       tents  of the audit_control(4) file and re-initialize the current audit
       directory to the first directory listed in the audit_control file or to
       open  a	new audit file in the current audit directory specified in the
       audit_control  file,  as	 last  read  by	 the  audit  daemon.   Reading
       audit_control also causes the minfree and plugin configuration lines to
       be re-read and reset within auditd. The audit daemon can also  be  sig‐
       naled to close the audit trail and disable auditing.

OPTIONS
       -n	  Notify  the audit daemon to close the current audit file and
		  open a new audit file in the current audit directory.

       -s	  Notify the audit daemon to read the audit control file.  The
		  audit daemon stores the information internally. If the audit
		  daemon is not running but audit has been enabled by means of
		  bsmconv(1M), the audit daemon is started.

       -t	  Direct  the  audit  daemon  to close the current audit trail
		  file, disable auditing, and die. Use -s to restart auditing.

       -v path	  Verify the syntax for the audit control file stored in path.
		  The  audit  command  displays an approval message or outputs
		  specific error messages for each error found.

DIAGNOSTICS
       The audit command will exit with 0 upon success and a positive  integer
       upon failure.

FILES
	   o	  /etc/security/audit_user

	   o	  /etc/security/audit_control

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌─────────────────────────────┬─────────────────────────────┐
       │      ATTRIBUTE TYPE	     │	    ATTRIBUTE VALUE	   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Availability		     │SUNWcs			   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Interface Stability	     │Committed			   │
       └─────────────────────────────┴─────────────────────────────┘

SEE ALSO
       bsmconv(1M),  praudit(1M),  audit(2),  audit_control(4), audit_user(4),
       attributes(5)

       See the section on Solaris Auditing  in	System	Administration	Guide:
       Security Services.

NOTES
       The  functionality  described in this man page is available only if the
       Solaris Auditing feature has been enabled.  See	bsmconv(1M)  for  more
       information.

       The  audit  command  does  not modify a process's preselection mask. It
       functions are limited to the following:

	   o	  affects which audit directories  are	used  for  audit  data
		  storage;

	   o	  specifies the minimum free space setting;

	   o	  resets the parameters supplied by means of the plugin direc‐
		  tive.

       For the -s option, audit validates the audit_control  syntax  and  dis‐
       plays  an  error	 message if a syntax error is found. If a syntax error
       message is displayed, the audit daemon does not re-read	audit_control.
       Because	audit_control is processed at boot time, the -v option is pro‐
       vided to allow syntax checking of  an  edited  copy  of	audit_control.
       Using  -v,  audit  exits with 0 if the syntax is correct; otherwise, it
       returns a positive integer.

       The -v option can be used in any zone, but the -t, -s, and  -n  options
       are valid only in local zones and, then, only if the perzone audit pol‐
       icy is set. See auditd(1M) and auditconfig(1M) for per-zone audit  con‐
       figuration.

SunOS 5.11			  16 Apr 2008			     audit(1M)
[top]

List of man pages available for OpenIndiana

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net