audit man page on SunOS

Man page or keyword search:  
man Server   20652 pages
apropos Keyword Search (all sections)
Output format
SunOS logo
[printable version]

audit(1M)		System Administration Commands		     audit(1M)

NAME
       audit - control the behavior of the audit daemon

SYNOPSIS
       audit -n | -s | -t | -v [path]

DESCRIPTION
       The  audit command is the system administrator's interface to maintain‐
       ing the audit trail. The audit daemon can be notified to read the  con‐
       tents  of the audit_control(4) file and re-initialize the current audit
       directory to the first directory listed in the audit_control file or to
       open  a	new audit file in the current audit directory specified in the
       audit_control  file,  as	 last  read  by	 the  audit  daemon.   Reading
       audit_control also causes the minfree and plugin configuration lines to
       be re-read and reset within auditd. The audit daemon can also  be  sig‐
       naled to close the audit trail and disable auditing.

OPTIONS
       -n	  Notify  the audit daemon to close the current audit file and
		  open a new audit file in the current audit directory.

       -s	  Notify the audit daemon to read the audit control file.  The
		  audit daemon stores the information internally. If the audit
		  daemon is not running but audit has been enabled by means of
		  bsmconv(1M),	the audit daemon is started.

       -t	  Direct  the  audit  daemon  to close the current audit trail
		  file and exit. Use -s to restart auditing. To disable audit‐
		  ing, use  bsmunconv(1M).

       -v path	  Verify the syntax for the audit control file stored in path.
		  The audit command displays an approval  message  or  outputs
		  specific error messages for each error found.

DIAGNOSTICS
       The  audit command will exit with 0 upon success and a positive integer
       upon failure.

FILES
	   o	  /etc/security/audit_user

	   o	  /etc/security/audit_control

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌─────────────────────────────┬─────────────────────────────┐
       │      ATTRIBUTE TYPE	     │	    ATTRIBUTE VALUE	   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Availability		     │SUNWcsu			   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Stability		     │Evolving			   │
       └─────────────────────────────┴─────────────────────────────┘

SEE ALSO
       bsmconv(1M), praudit(1M),  audit(2),  audit_control(4),	audit_user(4),
       attributes(5)

       See  the	 section  on  Solaris Auditing in System Administration Guide:
       Security Services.

NOTES
       The functionality described in this man page is available only  if  the
       Solaris	Auditing  feature  has	been enabled. See bsmconv(1M) for more
       information.

       The audit command does not modify a  process's  preselection  mask.  It
       functions are limited to the following:

	   o	  affects  which  audit	 directories  are  used for audit data
		  storage;

	   o	  specifies the minimum free space setting;

	   o	  resets the parameters supplied by means of the plugin direc‐
		  tive.

       For  the	 -s  option, audit validates the audit_control syntax and dis‐
       plays an error message if a syntax error is found. If  a	 syntax	 error
       message	is displayed, the audit daemon does not re-read audit_control.
       Because audit_control is processed at boot time, the -v option is  pro‐
       vided  to  allow	 syntax	 checking  of an edited copy of audit_control.
       Using -v, audit exits with 0 if the syntax is  correct;	otherwise,  it
       returns a positive integer.

       The  -v	option can be used in any zone, but the -t, -s, and -n options
       are valid only in local zones and, then, only if the perzone audit pol‐
       icy  is set. See auditd(1M) and auditconfig(1M) for per-zone audit con‐
       figuration.

SunOS 5.10			  28 Sep 2010			     audit(1M)
[top]

List of man pages available for SunOS

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net