Sponsored Content
Full Discussion: Solaris BSM log software
Operating Systems Solaris Solaris BSM log software Post 302108208 by yoder on Saturday 24th of February 2007 06:34:18 AM
Old 02-24-2007
Audits on sol 9

Ok, thank you much. I didn't think there were, as I have been looking for a little while.
 

9 More Discussions You Might Find Interesting

1. Programming

how to write to Solaris BSM log

I have a C program and want to write messages to a log. BSM is being used for O/S auditing. Can I write my messages to the BSM log? If so, how do I do that? I'm not finding any API's for that. Any URLs, samples, guidance would be appreciated. (0 Replies)
Discussion started by: JDO
0 Replies

2. UNIX for Dummies Questions & Answers

solaris BSM and Auditing

Hi Guys, I am new to this forum so I am sorry if i posted this thread in the wrong place. I am currently trying to get BSM to work on solaris 10 by Logging few things for me. I need your help to complete this task please. this is the config of the audit files: audit_conto # Copyright... (18 Replies)
Discussion started by: skywalker850i
18 Replies

3. Solaris

Solaris BSM audit log

I got a lot of this message in my /var/audit log how can I exclude this message? header,127,2,invalid event number,fe,hostsol1.com.sg,2007-12-21 00:10:01.001 +08:00,argument,1,0x5,processor ID,argument ,2,0x3,flag,text,P_STATUS,subject,zhang1,root,root,root,root,18228,576129155,291 131094... (1 Reply)
Discussion started by: geoffry
1 Replies

4. Cybersecurity

audit user in BSM/C2 Log

Hi, I keep encountering events in the BSM/C2 logs which shows that the audit-user who performed the event is the user (e.g. ongkk in the example below). However, the user is able to show me that he wasn't logged in at that time nor have the rights to perform the event (e.g. su in this example).... (5 Replies)
Discussion started by: BERNIELEE68
5 Replies

5. Solaris

Solaris Software

Does anyone know of any other place to download Solaris 9 packages other than Oracle's website. I'm looking to setup Solaris 9 containers and needing package SUNWs9brandk. I don't have a account with Oracle to allow me to download this package. I'm using a Solaris 10 server update 9. (1 Reply)
Discussion started by: soupbone38
1 Replies

6. Solaris

BSM auditing

Hi , I don't want logs from a particular "library" to get recorded in the audit.log file. Is that possible with BSM? Please guide. Thanks. (2 Replies)
Discussion started by: chinchao
2 Replies

7. Solaris

Needs some orientation on BSM/auditing

New to Solaris in general (coming from a RHEL background) I'm trying to enable auditing on the system with the following in /etc/security/audit_control: But there are two areas where it seems to break with expected behavior (maybe it's poor expectations on my part): 1) it seems to be... (0 Replies)
Discussion started by: thmnetwork
0 Replies

8. Solaris

BSM not catching creat64

Solaris 9 system: I'm trying to get BSM to record to the point where additional files being put into /etc/opt/csw/sudoers.d will be recorded but thus far all I'm able to get are when files are deleted (via unlink). I've even tried auditing based on the "all" audit flag temporarily (thinking I... (2 Replies)
Discussion started by: thmnetwork
2 Replies

9. Solaris

How can I read Solaris BSM log?

Hi all, I'm trying to read Solaris BSM log in user friendly form. Found old tools including bsmparser java tool and php code. But none of them working. What are you using for parsing BSM log? (2 Replies)
Discussion started by: sembii
2 Replies
SA-CHECK_SPAMD.RAW(1)					User Contributed Perl Documentation				     SA-CHECK_SPAMD.RAW(1)

NAME
sa-check_spamd - spamd monitoring script for use with Nagios, etc. SYNOPSIS
sa-check_spamd [options] Options: -c secs, --critical=secs Critical ping response threshold -h, -?, --help Print usage message -H hostname, --hostname=hostname Hostname of spamd service to ping -p port, --port=port Port of spamd service to ping --socketpath=path Connect to given UNIX domain socket -t secs, --timeout=secs Max time to wait for a ping response -v, --verbose Verbose debug output -V, --version Output version info -w secs, --warning=secs Warning ping response threshold DESCRIPTION
The purpose of this program is to provide a tool to monitor the status of "spamd" server processes. spamd is the daemonized version of the spamassassin executable, both provided in the SpamAssassin distribution. This program is designed for use, as a plugin, with the Nagios service monitoring software available from http://nagios.org. It might be compatible with other service monitoring packages. It is also useful as a command line utility or as a component of a custom shell script. OPTIONS
Options of the long form can be shortened as long as the remain unambiguous (i.e. --host can be used instead of --hostname). -c secs, --critical=secs Critical ping response threshold in seconds. If a spamd ping response takes longer than the value specified (in seconds) the program will exit with a value of 2 to indicate the critical status. This value must be at least as long as the value specified for warning and less than the value specified for timeout. -h, -?, --help Prints this usage message and exits. -H hostname, --hostname=hostname The hostname, or IP address, of the spamd service to ping. By default the hostname localhost is used. If --socketpath is set this value will be ignored. -p port, --port=port The port of the spamd service to ping. By default port 783 (the spamd default port number) is used. If --socketpath is set this value will be ignored. --socketpath=path Connect to given UNIX domain socket. Use instead of a hostname and TCP port. When set, any hostname and TCP port specified will be ignored. -t secs, --timeout=secs The maximum time to wait for a ping response. Once exceeded the program will exit with a value of 2 to indicate the critical status. The default timeout value is 45 seconds. The timeout must be no less than 1 second. This value must be greater than the values specified for both the critical and warning values. -v, --verbose Display verbose debug output on STDOUT. -V, --version Display version info on STDOUT. -w secs, --warning=secs Warning ping response threshold in seconds. If a spamd ping response takes longer than the value specified (in seconds), and does not exceed the critical threshold value, the program will exit with a value of 1 to indicate the warning staus. This value must be no longer than the value specified for critical and less than the value specified for timeout. EXIT CODES
The program will indicate the status of the spamd process being monitored by exiting with one of these values: 0 OK: A spamd ping response was received within all threshold times. 1 WARNING: A spamd ping response exceeded the warning threshold but not the critical threshold. 2 CRITICAL: A spamd ping response exceeded either the critical threshold or the timeout value. 3 UNKNOWN: An error, probably caused by a missing dependency or an invalid configuration parameter being supplied, occurred in the sa-check_spamd program. SEE ALSO
spamc(1) spamd(1) spamassassin(1) PREREQUISITES
"Mail::SpamAssassin" version 3.1.1 or higher (3.1.6 or higher recommended) AUTHOR
Daryl C. W. O'Shea, DOS Technologies <spamassassin@dostech.ca> LICENSE
sa-check_spamd is distributed under the Apache License, Version 2.0, as described in the file "LICENSE" included with the Apache SpamAssassin distribution and available at http://www.apache.org/licenses/LICENSE-2.0 perl v5.14.2 2014-02-14 SA-CHECK_SPAMD.RAW(1)
All times are GMT -4. The time now is 06:11 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy