Full Discussion: audit.log file rotation
Operating Systems AIX audit.log file rotation Post 302341860 by w1r3d on Thursday 6th of August 2009 06:29:09 PM

Hi guys,

I've googled this quite a bit, and tried searching on these forums, but haven't found a solution to my problem. I wanted to inquire about AIX's audit subsystem - more specifically, how to rotate its log file.

So far I've been able to find how to rotate AIX syslog log files, and I found some cronlog info, but neither helps me with audit.log. Does AIX have a way of automatically rotating this file once it reaches a certain size? I really want to avoid having to write a script to monitor the files, rename them and restart audit, but I'll do it if it comes down to it. Any info will be greatly appreciated.

Thanks in advance
Pedro

ps. in case it might help, this is my config:

/etc/security/audit/config:
Code:
start:
        binmode = on
        streammode = off

bin:
        trail = /audit/trail
        bin1 = /audit/bin1
        bin2 = /audit/bin2
        binsize = 4096
        cmds = /etc/security/audit/bincmds
        freespace = 65536

stream:
        cmds = /etc/security/audit/streamcmds

/etc/security/audit/bincmds:
Code:
/usr/sbin/auditcat -p -o $trail $bin
/usr/sbin/auditpr -v < $trail > /audit/audit.log
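
One way to write the fallback script the post describes (watch the size, rename, restart audit), as an added example that is not part of the original post. Because the bincmds shown rebuild /audit/audit.log from the whole $trail on every run, it rotates both files; the function names, threshold and generation count are hypothetical, and the stop/start commands default to AIX's `audit shutdown` and `audit start`.

```shell
#!/bin/sh
# Added example (not from the post): size-triggered rotation of the audit
# files named in the config above. Override AUDIT_STOP/AUDIT_START for dry runs.
AUDIT_STOP=${AUDIT_STOP:-"/usr/sbin/audit shutdown"}
AUDIT_START=${AUDIT_START:-"/usr/sbin/audit start"}

# file_size FILE: print the size in bytes, or 0 if the file does not exist.
file_size() {
    [ -f "$1" ] || { echo 0; return; }
    wc -c < "$1" | tr -d ' '
}

# shift_generations FILE KEEP: move FILE.1 -> FILE.2 ... and drop FILE.KEEP.
shift_generations() {
    base=$1; i=$2
    rm -f "$base.$i"
    while [ "$i" -gt 1 ]; do
        p=$((i - 1))
        [ -f "$base.$p" ] && mv "$base.$p" "$base.$i"
        i=$p
    done
    return 0
}

# rotate_audit DIR MAX_BYTES KEEP
# Returns 0 if rotated, 1 if audit.log is under MAX_BYTES, 2 on failure.
rotate_audit() {
    dir=$1; max=$2; keep=$3; status=0
    [ "$(file_size "$dir/audit.log")" -ge "$max" ] || return 1
    $AUDIT_STOP || return 2          # stop collection before moving files
    for f in "$dir/trail" "$dir/audit.log"; do
        [ -f "$f" ] || continue
        shift_generations "$f" "$keep"
        # keep rotated audit data readable by the owner only
        mv "$f" "$f.1" && chmod 600 "$f.1" || status=2
    done
    $AUDIT_START || status=2         # always try to resume auditing
    return $status
}
```

Sourced from a root cron job, a call such as `rotate_audit /audit 10485760 5` would keep five generations and rotate once audit.log reaches 10 MB; both values are illustrative.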

 

AUDIT(8)                  BSD System Manager's Manual                 AUDIT(8)

NAME
     audit -- audit management utility

SYNOPSIS
     audit -e | -i | -n | -s | -t

DESCRIPTION
     The audit utility controls the state of the audit system. One of the following flags is required as an argument to audit:

     -e      Forces the audit system to immediately remove audit log files that meet the expiration criteria specified in the audit control file without doing a log rotation.

     -i      Initializes and starts auditing. This option is currently for Mac OS X only and requires auditd(8) to be configured to run under launchd(8).

     -n      Forces the audit system to close the existing audit log file and rotate to a new log file in a location specified in the audit control file. Also, audit log files that meet the expiration criteria specified in the audit control file will be removed.

     -s      Specifies that the audit system should [re]synchronize its configuration from the audit control file. A new log file will be created.

     -t      Specifies that the audit system should terminate. Log files are closed and renamed to indicate the time of the shutdown.

NOTES
     The auditd(8) daemon must already be running. Optionally, it can be configured to be started on-demand by launchd(8) (Mac OS X only).

     The audit utility requires audit administrator privileges for successful operation.

FILES
     /etc/security/audit_control  Audit policy file used to configure the auditing system.

SEE ALSO
     audit(4), audit_control(5), auditd(8), launchd(8)

HISTORY
     The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer Inc. in 2004. It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution.

AUTHORS
     This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc.

     The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems.

BSD                            January 29, 2009                            BSD