Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: how to find whether audit log is secure?
Operating Systems Solaris how to find whether audit log is secure? Post 302581716 by ShouTenraku on Tuesday 13th of December 2011 11:39:55 PM
Old 12-14-2011
The question you post is very vague.
Depending the definition of security. I guess 700 permission and owned by root:root is safe?
 

10 More Discussions You Might Find Interesting

1. Solaris

Solaris BSM audit log

I got a lot of this message in my /var/audit log how can I exclude this message? header,127,2,invalid event number,fe,hostsol1.com.sg,2007-12-21 00:10:01.001 +08:00,argument,1,0x5,processor ID,argument ,2,0x3,flag,text,P_STATUS,subject,zhang1,root,root,root,root,18228,576129155,291 131094... (1 Reply)
Discussion started by: geoffry
1 Replies

2. AIX

audit.log file rotation

Hi guys, I've googled this quite a bit, and tried searching on these forums, but haven't found a solution to my problem. I wanted to inquire about AIX's audit subsystem - more specifically, how to rotate its log file. So far I've been able to find how to rotate AIX syslog log files, and I... (2 Replies)
Discussion started by: w1r3d
2 Replies

3. Solaris

delete audit old log

hi all, i enabled audit in my server it is working fine, now i want to delete old logs from audit file ,plz find a solution for it, Regards spandan (2 Replies)
Discussion started by: spandhan
2 Replies

4. Cybersecurity

audit user in BSM/C2 Log

Hi, I keep encountering events in the BSM/C2 logs which shows that the audit-user who performed the event is the user (e.g. ongkk in the example below). However, the user is able to show me that he wasn't logged in at that time nor have the rights to perform the event (e.g. su in this example).... (5 Replies)
Discussion started by: BERNIELEE68
5 Replies

5. Solaris

audit log timestamps in GMT

I am aware that the timestamps of the audit log files are in the following format : file, 2011-09-13 07:40:24 .000 -4 Is there anyway that I can display the timestamps in local time format. Thanks for the help. ---------- Post updated at 02:18 PM ---------- Previous update was at 01:06... (0 Replies)
Discussion started by: chinchao
0 Replies

6. AIX

When AIX audit start, How to set the /audit/stream.out file size ?

Dear All When I start the AIX(6100-06)audit subsystem. the log will save in /audit/stream.out (or /audit/trail), but in default when /audit/stream.out to grow up to 150MB. It will replace the original /audit/stream.out (or /audit/trail). Then the /audit/stream.out become empty and... (2 Replies)
Discussion started by: nnnnnnine
2 Replies

7. Red Hat

Secure & Audit logs

Hi all I am trying to add secure and audit logs to logrotate for a client whom wants the logs for a period of 6 months, compressed/zipped weekly for auditing. I am terrible with logrotate and since there isn't default settings for both logs, I created two new entries in my /etc/logrotate.d/... (7 Replies)
Discussion started by: hedkandi
7 Replies

8. Red Hat

Audit.log Management

Hi, I'm fairly new to administering RedHat (or any Linux system for that matter), and was wondering if someone could help me work out how to best manage audit logs. In a nutshell, this is what I need to do: - Compress audit.log file(s) once a month and delete the originals - The... (0 Replies)
Discussion started by: Seonix
0 Replies

9. SuSE

Alert for Audit log

Dear users, I have SLES 11 and SLES 10 servers. I'd like to receive an alert when audit log files reach certain percentage of full. 1. Is '/etc/audit/auditd.conf' the right file to modify? 2. I'd like to receive email alert. Can I specify my email in this parameter 'action_mail_acct... (1 Reply)
Discussion started by: JDBA
1 Replies

10. Shell Programming and Scripting

Parse audit log

I am trying to parse the audit log to find a particular date that associated with a user record. The Date and the context of the record that I need to extract from the audit.log are 11-07-2015, the username and the activity he or she performed that day. Here is my code: grep -c date -d... (3 Replies)
Discussion started by: dellanicholson
3 Replies

LEARN ABOUT REDHAT

elksemu

elksemu(1)						      General Commands Manual							elksemu(1)

NAME

       elksemu - Embedded Linux Kernel Subset emulator

SYNOPSIS

       /lib/elksemu program [arguments]

DESCRIPTION

       Elksemu is a program that allows 8086 ELKS programs to be run under Linux-i386. These programs can be compiled using the bcc(1) C compiler.

       It  is not usual to invoke /lib/elksemu directly, either the simple patch or kernel module distributed with it will cause the kernel to run
       /lib/elksemu with the correct arguments whenever the user tries to execute an ELKS executable directly.

OPTIONS

       There are no flag options to elksemu, the first argument is the name of the program to run the rest are arguments that are  passed  to  the
       Elks program.

       The  elksemu  program is normally installed suid-root and in this event it is able to run execute only (chmod 111) elks executables and act
       correctly on the suid permission bits on those executable. This may be considered a  security  hazard  so  elksemu  does  not  have  to	be
       installed suid-root.

SEE ALSO

       bcc(1), as86(1), ld86(1)

BUGS

       Elksemu is incomplete.

       The program may still have security bugs!

								     Jan, 1997								elksemu(1)
All times are GMT -4. The time now is 06:59 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy