Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

audgen(2) [ultrix man page]

audgen(2)							System Calls Manual							 audgen(2)

Name
       audgen - generate an audit record

Syntax
       audgen(event, tokenp, argv)
       int event;
       char *tokenp, *argv[];

Description
       The system call generates an audit record, which gets placed in the auditlog.

       The  argument  event  is  an  integer  indicating the event type of the operation being audited (see ).	The value of event must be between
       MIN_TRUSTED_EVENT and MIN_TRUSTED_EVENT+N_TRUSTED_EVENTS.

       The argument tokenp is a null-terminated array of token types (see ), each of which represents the type of argument referenced by the  cor-
       responding *argv argument.

       The  argument  argv  is a pointer to an array containing the actual arguments or pointers to those arguments that are to be recorded in the
       audit record.  A pointer to the actual argument is placed in that array when the argument is a string,  array,  or  other  variable  length
       structure.   Arguments  represented  as int's or short's are placed directly in that array.  Each member of the array must be word-aligned.
       You cannot change the values for the audit_id, uid, ruid, pid, ppid, device, IP address, or hostid (secondary tokens for these  values  are
       available).

Return Values
       Upon  successful completion, returns a value of 0.  Otherwise, it returns a value of -1 and sets the global integer variable errno to indi-
       cate the error.

Restrictions
       The call is a privileged system call.  No record is generated if the specified event is not being audited for  the  current  process.   The
       maximum number of arguments referenced by argv is AUD_NPARAM (8).

Diagnostics
       The system call fails under the following conditions:

       [EACCES]       The user is not privileged for this operation.

       [EINVAL]       The value supplied for the event, tokenp, or argv argument is invalid.

																	 audgen(2)

Check Out this Related Man Page

sia_audit(3)						     Library Functions Manual						      sia_audit(3)

NAME

       sia_audit - Variable format interface for audgen - SIA (Security Integration Architecture)

LIBRARY

       Standard C library (libc.so and libc.a)

SYNOPSIS

       #include <siad.h>

       int sia_audit(
	    u_int event,...);

PARAMETERS

       event	 The  event  argument indicates the event value of the operation being audited, as defined in audit.h.	The value of event must be
		 between  MIN_TRUSTED_EVENT  and  MIN_TRUSTED_EVENT  +	N_TRUSTED_EVENTS  -1  or  between  MIN_SITE_EVENT  and	MIN_SITE_EVENT	 +
		 n_site_events	-1  as	defined  in  audit.h.	The  definition  of  n_site_events is determined by executing the sysconfig -q sec
		 audit_site_events command on the running kernel.

DESCRIPTION

       The sia_audit() routine is an interface for the audgen system call.  It accepts a variable number of arguments  describing  the	event  and
       audit data, then calls with the appropriate parameters to generate the audit record.

RESTRICTIONS

       The audgen system call is privileged.

RETURN VALUES

       The sia_audit() routine returns SIASUCCESS or SIAFAIL.

ERRORS

       The errno value is that set by the audgen system call.  Possible errors include resource constraints (no memory) and various authentication
       failures.

RELATED INFORMATION

       audgen(2), audgenl(3), sysconfig(8), sysconfigdb(8)

       Security delim off

																      sia_audit(3)
Man Page