Login or Register to Ask a Question and Join Our Community


HP-UX

Alternative to audusr command in standard mode

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems HP-UX Alternative to audusr command in standard mode
# 1  
Old 05-26-2017
HP Alternative to audusr command in standard mode
I need some help in finding which users have the audit setting turned on in the standard mode on a hpux OS 1131 from my application.

I am using audusr from the C code in trusted mode. Need help what to do in standard mode.
Last edited by einsteinBrain; 05-27-2017 at 11:39 AM.. Reason: mention the OS version
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Alternative to cp command

Good Afternoon, I'm backing up a folder from one NAS to another using a unix script using cp. Its a lot of files and takes several days to complete. Most of the files don't change from week to week. Is there a command that would be quicker? Also note, the backup needs to be ready-to-use in... (5 Replies)
Discussion started by: Stellaman1977
5 Replies

2. UNIX for Beginners Questions & Answers

Alternative to join command

Ubuntu, Bash 4.3.48 Hi, I have 2 files and I want to join them (line by line if the start of the lines is the same, like a ID) INPUT FILE 1 (tab delimited) aa_12_12_v_c aaa,asf,afgas,eg bb_12_43_a_d dad,ada,adaf,afa cc_56_75_d_f asd,thh,ert,rtertet INPUT FILE 2 (tab delimited)... (4 Replies)
Discussion started by: echo manolis
4 Replies

3. HP-UX

From a C++ application how to find if a hpux host is in standard mode or trusted mode

is there a way for my C++ application to find out which mode the hpux OS is running in? standard mode or trusted mode. (3 Replies)
Discussion started by: einsteinBrain
3 Replies

4. Shell Programming and Scripting

Maxdepth command not working in AIX.Need alternative solution for this command

Hi All, I am trying to select 30 days older files under current directory ,but not from subdirectory using below command. find <Dir> -type f -mtime + 30 This command selecting all the files from current directory and also from sub directory . I read some documention through internet ,... (1 Reply)
Discussion started by: kommineni
1 Replies

5. AIX

Alternative command for topas

hi, I need alternative command for topas to check cpu %, i tried with ps but their is lot of diffference between the outputs of two commands... Thanks (3 Replies)
Discussion started by: sumanthupar
3 Replies

6. Homework & Coursework Questions

locate command alternative,,

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! Ok, Im back with another small problem. I created a script (the one posted in the last thread). After some help from some members here all is good. The problem is I made it... (4 Replies)
Discussion started by: ozman911
4 Replies

7. Shell Programming and Scripting

Any alternative of sar command

Hi all, I am using linux box ...i dont find the manual entry of sar command through man sar ...it is in unix not in linux although i have to check the cpu utilization and paging...any alternative of sar command.. Thanks Vijay Sahu (1 Reply)
Discussion started by: vijays3
1 Replies

8. UNIX for Dummies Questions & Answers

alternative for head command

Hi friends,I am new to unix and this is really a dummy question.but please help me out. How to simulate head command without using head command??? also tail command too,also more command. it is given as a homework to do....please tell me how to do (2 Replies)
Discussion started by: nikhilneela
2 Replies

9. HP-UX

how to distinguish standard system mode or trust system mode

I think that if the directory /tcb exists, HP-UX is in trusted mode and the passwd data is somewhere in /tcb/files/auth. But that's all I remember. Also I think recent versions of HP-UX can have a /etc/shadow file. (0 Replies)
Discussion started by: Perderabo
0 Replies

10. UNIX for Dummies Questions & Answers

an alternative of sed command..--imp

Hi Is there a better alternative to sed command.. or any command as an alternate to sed. Thanks!! (3 Replies)
Discussion started by: aixjadoo
3 Replies
Login or Register to Ask a Question

LEARN ABOUT HPUX

audisp

audisp(1M)																audisp(1M)

NAME

       audisp - display the audit information as requested by the parameters

SYNOPSIS

       username] eventname] compartmentname] syscall] ttyid] start_time] stop_time] audit_trail...

DESCRIPTION

       analyzes  and  displays	the audit information contained in the specified audit trails. All specified audit trails are merged into a single
       audit trail in chronological order.  Although the entire audit trail is analyzed, the command allows you to limit the information displayed
       by specifying different options.  This command is restricted to privileged users.

       If  the	audit  information was collected in compatibility mode, each audit trail (audit_trail) is identified by a file name.  If the audit
       information was collected in regular mode, the audit trail (audit_trail) is identified by a directory name.  Only  a  privileged  user  can
       configure the auditing mode (compatibility or regular); see audsys(1M).	The audit information that is collected in regular mode is identi-
       fied and displayed by directory names and not by file name since the file names may not represent complete trail information  for  analysis
       or display.

       Any  unspecified option is interpreted as an unrestricted specification.  For example, a missing option causes all users' audit information
       in the audit trail to be displayed as long as all other specified options are satisfied.  As well, providing the option without the  option
       causes all audit information beginning from start_time to the end of the trail to be displayed.

       If you invoke the command without any options, displays all recorded information from the start of the audit trail to the end.

       Specifying  an  option  without its required parameter results in an error.  For example, specifying without any eventname returns an error
       message.

   Options
       If this option is specified,
		      does not terminate after it displays the last event. Instead, it waits for and displays audit events as they  become  avail-
		      able.

       Specify the    username	(login	name) for which to display the audit information.  If no username is specified, displays audit information
		      for all users in the audit file.

       Display audit information for the specified event category.
		      eventname must be a valid event category (base event or event alias) that is defined in or (see audit.conf(4)).  Another way
		      to  be  certain an eventname is valid is to read the output of for a list of valid event category names and their associated
		      system calls (see audevent(1M)).

       Display audit information on the specified compartment. See
		      compartments(5).	If no compartmentname is specified, displays audit information about all the  compartments  in	the  audit
		      file.  If compartments feature is disabled in the running configuration, this option is ignored.

       Display audit information about the specified system call.
		      The  syscall  must be a valid system call name or system call alias name that is defined in or (see audit.conf(4)).  Another
		      way to be certain a syscall is valid is to read the output of for a list of valid syscall names (see audevent(1M)).

       Display only successful operations that were recorded
		      in the audit trail.  A user event that results in a failure is not displayed, even if username and eventname are specified.

		      The and the options are mutually exclusive; do not specify both on the same command line.  To display  both  successful  and
		      failed operations, omit both and options.

       Display only failed operations that are recorded
		      in the audit trail.

       Display all operations that occurred on the specified terminal
		      (ttyid) and were recorded in the audit trail.  By default, operations on all terminals are displayed.

       Display all audited operations occurring since
		      start_time, specified as mmddhhmm[yy] (month, day, hour, minute, year).  If the year is specified and is greater than 70, it
		      is interpreted as in the twentieth century.  Otherwise, it is interpreted as in the twenty-first century.   If  no  year	is
		      given, the current year is used.	No operation in the audit trail occurring before the specified time is displayed.

       Display all audited operations occurring before
		      stop_time,  specified as mmddhhmm[yy] (month, day, hour, minute, year).  If the year is specified and is greater than 70, it
		      is interpreted as in the twentieth century.  Otherwise, it is interpreted as in the twenty-first century.   If  no  year	is
		      given, the current year is used.	No operation in the audit trail occurring after the specified time is displayed.

       The year is displayed as a two digit number (with
		      or  as a four digit number (with The default is Note that start_time and stop_time must still be specified as two digit num-
		      bers.

AUTHOR

       was developed by HP.

FILES

	      file containing event mapping information

	      file containing site-specific event mapping information

SEE ALSO

       audevent(1M), audit(4), audit.conf(4), audit(5), compartments(5).

																	audisp(1M)