|
|
Sponsored Content
Operating Systems
Solaris
How to view audit logs in Solaris?
Post 302757643 by jim mcnamara on Thursday 17th of January 2013 10:21:42 PM
01-17-2013
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello
one of my sites i host is doing somewhat well in the search engines, and i would like to watch the raw log files while looged in with telenet
is there a way to do this.
thanx
Mike (2 Replies)
Discussion started by: whothought1
2 Replies
2. Shell Programming and Scripting
Please share a shell script to collect logs of a server (like cpu utilization, memory etc) for a perticular time interval by giving date, time and server name as input. (1 Reply)
Discussion started by: abhishek27
1 Replies
3. UNIX for Advanced & Expert Users
Hi !
I have a FTP site, where I softlinked my server log file.
Now I want to view the logs in IE as I do in unix
Some kind of free tool should be there, Can somebody provide me a pointer.
Thanks. (0 Replies)
Discussion started by: dashok.83
0 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I want to know how we can view two or three logs which are dynamically getting updated from a single/same putty window with tail commnad.
Thanks. (7 Replies)
Discussion started by: reachsudha
7 Replies
5. Red Hat
Hi all
I am trying to add secure and audit logs to logrotate for a client whom wants the logs for a period of 6 months, compressed/zipped weekly for auditing.
I am terrible with logrotate and since there isn't default settings for both logs, I created two new entries in my /etc/logrotate.d/... (7 Replies)
Discussion started by: hedkandi
7 Replies
6. Solaris
Dear All,
I have one of my Servers, running Solaris 9. I wanna enable the Audit log enabling, the way I did in Solaris 10 Servers.
After running, the bsmconv script, giving the reboots, modifying all the audit files in /etc/security, the audit is enabled, but the audit file which shall be... (3 Replies)
Discussion started by: sumeet1806
3 Replies
7. Solaris
Hello all,
I've configured 'audit' service to send the audit logs to a remote log server (by using syslog plugin), which is working fine.
However, there is a problem. audit service also tries to write same information (but in binary format) in /var/audit path.
So, Is there anyway to stop... (2 Replies)
Discussion started by: Anti_Evil
2 Replies
8. Solaris
HI Community,
how can i configure audit logs for global zones and standard zone. i have enabled and started auditd service and it went to maintenance mode. please help me to configure that
Thanks & Regards,
BEn (9 Replies)
Discussion started by: bentech4u
9 Replies
9. Shell Programming and Scripting
Hi
I'm very new to unix shell scripting. Im also new here in this forum. I'm a SQL Server DBA but I'm slowly learning Oracle and Sybase DB. Our Oracle and Sybase are on Unix platforms. Im slowly learning Linux Admin and Shell Scripting to automate tasks.
I'm writing a script to view DB error... (4 Replies)
Discussion started by: Ricky777
4 Replies
10. Solaris
Hi guys.
I have to set audit logs on certain events on a solaris 10 server.
While I had no problems on linux, I'm going crazy to do the same thing on solaris 10, since I don't have enough expertise on this OS .
I should be able to identify these 4 different events:
1: Tracking all... (2 Replies)
Discussion started by: menofmayhem
2 Replies
LEARN ABOUT FREEBSD
praudit
PRAUDIT(1) BSD General Commands Manual PRAUDIT(1) NAME
praudit -- print the contents of audit trail files SYNOPSIS
praudit [-lnpx] [-r | -s] [-d del] [file ...] DESCRIPTION
The praudit utility prints the contents of the audit trail files to the standard output in human-readable form. If no file argument is spec- ified, the standard input is used by default. The options are as follows: -d del Specifies the delimiter. The default delimiter is the comma. -l Prints the entire record on the same line. If this option is not specified, every token is displayed on a different line. -n Do not convert user and group IDs to their names but leave in their numeric forms. -p Specify this option if input to praudit is piped from the tail(1) utility. This causes praudit to sync to the start of the next record. -r Prints the records in their raw, numeric form. This option is exclusive from -s. -s Prints the tokens in their short form. Short text representations for record and event type are displayed. This option is exclusive from -r. -x Print audit records in the XML output format. If the raw or short forms are not specified, the default is to print the tokens in their long form. Events are displayed as per their descriptions given in /etc/security/audit_event; UIDs and GIDs are expanded to their names; dates and times are displayed in human-readable format. FILES
/etc/security/audit_class Descriptions of audit event classes. /etc/security/audit_event Descriptions of audit events. SEE ALSO
auditreduce(1), audit(4), auditpipe(4), audit_class(5), audit_event(5) HISTORY
The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer Inc. in 2004. It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution. AUTHORS
This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. Addi- tional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems. BSD
August 4, 2009 BSD