Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Auditing events
Operating Systems AIX Auditing events Post 302336081 by venksel on Tuesday 21st of July 2009 06:48:46 AM
Old 07-21-2009
Auditing events
Hi there,

I want to enable auditing for the following events in a critical AIX UNIX server by editing the /etc/syslog.conf file:

Authentication events (login success, login failure, logout)
Privilege use events (change to another user etc.)
System state events (shutdown, reboot)
Batch events (execution of batch processes)
Clock/Time Setting Change
Syslog Messages Cleared
User Account Administration

For testing purpose, I want to turn off all other events but for the ones listed above. Please let me know how it's done.

Thanks,
V
Last edited by zaxxon; 07-21-2009 at 10:07 AM.. Reason: Changed title into something senseful
 

8 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Auditing

:)I need a little help. I have sent all of our logs to our log server, but I can't send the audit logs that are in /var/log/audit.log. Can someone give me some type of idea to transfer these logs. Thank You (2 Replies)
Discussion started by: aojmoj
2 Replies

2. Cybersecurity

bash auditing

Hi dear friends I have an RHEL5 installed and I gave all users on it rbash shell, Now I want to audit all commands that they did in there shell once they enter them, Can any guide me to the way Thanks (2 Replies)
Discussion started by: reaky
2 Replies

3. Cybersecurity

Solaris Auditing: Newly specified events not being logged

Hi all I'm busy testing auditing on Solaris 10. I am using the syslog plugin to get real time view of what's happening on the system. Initially I am only monitoring lo events. The audit_control file looked like this: dir:/var/audit flags:lo minfree:20 naflags:lo... (1 Reply)
Discussion started by: notreallyhere
1 Replies

4. Shell Programming and Scripting

Auditing script

I need a command line that will ls -l a directory and pick (grep?) all files that don't match a desired owner without losing track of the filename at any point. This way I can list later on "here are all the files with an incorrect owner". Thanks in advance (4 Replies)
Discussion started by: stevensw
4 Replies

5. AIX

Help me! AUDITING AIX

Hi All, i've a problem on a AIX server with audit config... when i start the audit i receive this error: root@****:/etc/security/audit > /usr/sbin/audit start Audit start cleanup: The system call does not exist on this system. ** failed setting kernel audit objects I don't understand... (0 Replies)
Discussion started by: Zio Bill
0 Replies

6. AIX

AIX auditing

can some give some tips, most common security issues or and kind of advice about auditing aix system? regards (2 Replies)
Discussion started by: bongo
2 Replies

7. AIX

AIX auditing

In our customer place somebody removed and PV from the server. I want the information like which user removed this PV. Is there any way to get PV removal information. When did the PV removed from the server ? Whether AIX auding will help ? Where i can get these information ? Thank... (2 Replies)
Discussion started by: sunnybee
2 Replies

8. Solaris

Configuring Auditing

Hello Solaris Team, We would like to implement some audit policy (using a log file) in Solaris 10 in order to record the following data in columns per all users: 1. Date 2. Time 3. User 4. Command executed 5. Terminal 6. IP Address Could you please help me in order to... (2 Replies)
Discussion started by: csierra
2 Replies

LEARN ABOUT OSF1

xselectinput

XSelectInput(3X11)														XSelectInput(3X11)

NAME

       XSelectInput - select input events

SYNOPSIS

       XSelectInput(display, w, event_mask)
	       Display *display;
	       Window w;
	       long event_mask;

ARGUMENTS

       Specifies the connection to the X server.  Specifies the event mask.  Specifies the window whose events you are interested in.

DESCRIPTION

       The  XSelectInput  function  requests  that  the X server report the events associated with the specified event mask. Initially, X will not
       report any of these events. Events are reported relative to a window.  If a window is not interested in a device event, it  usually  propa-
       gates to the closest ancestor that is interested, unless the do_not_propagate mask prohibits it.

       Setting	the  event-mask  attribute of a window overrides any previous call for the same window but not for other clients. Multiple clients
       can select for the same events on the same window with the following restrictions: Multiple clients can select events on  the  same  window
       because	their event masks are disjoint. When the X server generates an event, it reports it to all interested clients.	Only one client at
       a time can select CirculateRequest, ConfigureRequest, or MapRequest events, which are associated with the event mask  SubstructureRedirect-
       Mask.   Only  one  client at a time can select a ResizeRequest event, which is associated with the event mask ResizeRedirectMask.  Only one
       client at a time can select a ButtonPress event, which is associated with the event mask ButtonPressMask.

       The server reports the event to all interested clients.

       XSelectInput can generate a BadWindow error.

DIAGNOSTICS

       A value for a Window argument does not name a defined Window.

SEE ALSO

       Xlib -- C Language X Interface

																XSelectInput(3X11)
All times are GMT -4. The time now is 10:24 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy