05-12-2008
Quote:
How do I setup audit to alert on write conditions for individual files? Thanks.
Unfortunately you can not audit individual files, it is all or nothing. The only way to filter it is to do it per user, using the
audit_user file.
We have a short description
here on how to audit file deletions, and if you replace
fd with
fm you audit file modifications, i.e. file writes and any change to the file meta data.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello everbody:
I have a file on the system, I need to check who was the last user who accessed or modified it, and if i can get any further details i can get like IP or access time,etc.
do you have any idea about simple concept or way i can do that in unix tru64 or solaris 9?
thanks in advance... (2 Replies)
Discussion started by: aladdin
2 Replies
2. UNIX for Dummies Questions & Answers
Hi Guys,
I am new to this forum so I am sorry if i posted this thread in the wrong place. I am currently trying to get BSM to work on solaris 10 by Logging few things for me. I need your help to complete this task please.
this is the config of the audit files:
audit_conto
# Copyright... (18 Replies)
Discussion started by: skywalker850i
18 Replies
3. UNIX for Advanced & Expert Users
:)I need a little help. I have sent all of our logs to our log server, but I can't send the audit logs that are in /var/log/audit.log. Can someone give me some type of idea to transfer these logs.
Thank You (2 Replies)
Discussion started by: aojmoj
2 Replies
4. UNIX for Advanced & Expert Users
Hi All,
I have a requirement to report us on changing a group of static files.
Those are the binary files that run in Production every day.
Due to the in sercure environment situations, I found many are indulging in there own changes to the binaries by doing some changes in the souce code.
... (1 Reply)
Discussion started by: mohan_kumarcs
1 Replies
5. UNIX for Advanced & Expert Users
Hello,
We need to log the operations that specific user on Solaris 10 (SPARC) is performing on one directory and it's contents. I was able to configure solaris auditing service (auditd) and it works fine. The only problem is that auditd logs huge amount of unneeded information. We need to log... (0 Replies)
Discussion started by: +Yan
0 Replies
6. Shell Programming and Scripting
Hello,
is there some way to track what shell commands some user is executing ?
Something like to have some log file where i could see what commands some user used, e.g. rm -r dirname , ls -l .... and so on ...
I have 2.6.13-1.1526_FC4smp (9 Replies)
Discussion started by: tonijel
9 Replies
7. Solaris
Hello,
I was wondering when Solaris auditing is enabled, If it is possible to keep track of users that are allowed to sudo to root. In other words, I would like to know which user did what on my Solaris box. (assumig that user can "sudo su -" )
Thanks. (2 Replies)
Discussion started by: niyazi
2 Replies
8. Cybersecurity
Hi all
I'm busy testing auditing on Solaris 10.
I am using the syslog plugin to get real time view of what's happening on the system. Initially I am only monitoring lo events. The audit_control file looked like this:
dir:/var/audit
flags:lo
minfree:20
naflags:lo... (1 Reply)
Discussion started by: notreallyhere
1 Replies
9. Solaris
Hello,
Im glad to become a member of this forums,
Im new on solaris and recentrly im introducing to use auditing service in that system.
The need is, that I need how to exclude a directory to the audit service not audit it.
And, a plus, I need of how to disable auditing the root user in... (0 Replies)
Discussion started by: sysh4ck
0 Replies
LEARN ABOUT HPUX
install-solaris
install-solaris(1M) install-solaris(1M)
NAME
install-solaris - install the Solaris operating system
SYNOPSIS
install-solaris
install-solaris invokes the Solaris Install program. Depending on graphical capability and available memory at the time of invocation,
install-solaris invokes either a text-based installer or a graphical installer.
The following minimum requirements for physical memory dictate which features are available during installation:
For SPARC machines:
128 MB
Minimum physical memory for all installation types
128 MB
Minimum physical memory required for windowing system
384 MB
Minimum physical memory required for graphical-based installation
For x86 machines:
256 MB
Minimum physical memory for all installation types
256 MB
Minimum physical memory required for windowing system
512 MB
Minimum physical memory required for graphical-based installation
In some cases, even if the minimum physical memory is present, available virtual memory after system startup can limit the number of fea-
tures available.
install-solaris exists only on the Solaris installation media (CD or DVD) and should be invoked only from there. Refer to the for more
details.
install-solaris allows installation of the operating system onto any standalone system. install-solaris loads the software available on the
installation media. Refer to the for disk space requirements.
Refer to the for more information on the various menus and selections.
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcdrom (Solaris instal- |
| |lation media) |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
pkginfo(1), install(1M), pkgadd(1M), attributes(5)
It is advisable to exit install-solaris by means of the exit options in the install-solaris menus.
23 Sep 2005 install-solaris(1M)