Quote:
Originally Posted by
Bolou
- User Account Creation
- User Account Deletion
There are no logs as these are single commands which have a return code (and some diagnostic messages in case something goes wrong). You might want to write some script wrapper for them and write a log file yourself.
Quote:
Originally Posted by
Bolou
- Failed and or Successful User Password Changes
This is not clear enough. The fact that a password is changed is noted in
/etc/security/passwd, a file in stanza format, with a
lastupdate= entry. Note that this only pertains to locally authenticated users. LDAP-, Kerberos-, ... -users where the AIX system relies on some external system for the authentication do not have password-information on the system and therefore no pasword-update-information.
You might want to read up about "LAM" ("loadable authentication modules") for details.
Quote:
Originally Posted by
Bolou
- Failed Login Activities for all User Users
That depends on what you want to know. The
lsuser command provides information about the attributes "unsuccessful_login_count". "host_last_unsuccessful_login" and some others (issue
lsuser root as root for a complete list of user attributes). You can also configure some authentication mechanisms to use the syslog facilities to write logs. There is nothing out of the box, though, because "authentication" is a loadable, configurable and quasi-external service for AIX.
Quote:
Originally Posted by
Bolou
- System Reboot or and shutdown
Is logged in the error log. As a root user enter
errpt for an overview and
errpt -a for a detailed description of every entry (including shutdown/boot events).
I hope this helps.
bakunin
02-18-2016
