Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How can I read Solaris BSM log?
Operating Systems Solaris How can I read Solaris BSM log? Post 302943143 by achenle on Tuesday 5th of May 2015 06:36:03 PM
Old 05-05-2015
Code:
man auditreduce

and
Code:
man praudit

Examples:

http://docs.oracle.com/cd/E19253-01/...-22/index.html

and

http://docs.oracle.com/cd/E19109-01/...970/index.html
 

10 More Discussions You Might Find Interesting

1. Solaris

Solaris BSM log software

I'm looking for a software to capture my systems logs, and bsm (basic security module) logs to centralise the administration. Do you have a suggestions. Opensource or not. (6 Replies)
Discussion started by: simquest
6 Replies

2. Programming

how to write to Solaris BSM log

I have a C program and want to write messages to a log. BSM is being used for O/S auditing. Can I write my messages to the BSM log? If so, how do I do that? I'm not finding any API's for that. Any URLs, samples, guidance would be appreciated. (0 Replies)
Discussion started by: JDO
0 Replies

3. UNIX for Dummies Questions & Answers

solaris BSM and Auditing

Hi Guys, I am new to this forum so I am sorry if i posted this thread in the wrong place. I am currently trying to get BSM to work on solaris 10 by Logging few things for me. I need your help to complete this task please. this is the config of the audit files: audit_conto # Copyright... (18 Replies)
Discussion started by: skywalker850i
18 Replies

4. Solaris

Solaris BSM audit log

I got a lot of this message in my /var/audit log how can I exclude this message? header,127,2,invalid event number,fe,hostsol1.com.sg,2007-12-21 00:10:01.001 +08:00,argument,1,0x5,processor ID,argument ,2,0x3,flag,text,P_STATUS,subject,zhang1,root,root,root,root,18228,576129155,291 131094... (1 Reply)
Discussion started by: geoffry
1 Replies

5. Cybersecurity

audit user in BSM/C2 Log

Hi, I keep encountering events in the BSM/C2 logs which shows that the audit-user who performed the event is the user (e.g. ongkk in the example below). However, the user is able to show me that he wasn't logged in at that time nor have the rights to perform the event (e.g. su in this example).... (5 Replies)
Discussion started by: BERNIELEE68
5 Replies

6. Solaris

BSM auditing

Hi , I don't want logs from a particular "library" to get recorded in the audit.log file. Is that possible with BSM? Please guide. Thanks. (2 Replies)
Discussion started by: chinchao
2 Replies

7. Solaris

Needs some orientation on BSM/auditing

New to Solaris in general (coming from a RHEL background) I'm trying to enable auditing on the system with the following in /etc/security/audit_control: But there are two areas where it seems to break with expected behavior (maybe it's poor expectations on my part): 1) it seems to be... (0 Replies)
Discussion started by: thmnetwork
0 Replies

8. Solaris

BSM not catching creat64

Solaris 9 system: I'm trying to get BSM to record to the point where additional files being put into /etc/opt/csw/sudoers.d will be recorded but thus far all I'm able to get are when files are deleted (via unlink). I've even tried auditing based on the "all" audit flag temporarily (thinking I... (2 Replies)
Discussion started by: thmnetwork
2 Replies

9. Infrastructure Monitoring

Questions about BSM (Business Service Management)

Hi all, management currently has the idea (maybe injected by some nifty salesman ;)), that BSM consists especially of data gathered from systems with heart-beat like messages. In other words, they think about to implement as many systems, that can provide not only status changes from ok to... (2 Replies)
Discussion started by: zaxxon
2 Replies

10. Solaris

How to read this Solaris version:-Solaris 8 HW 5/03 s28s_hw2wos_06a SPARC?

Hi Guys, Could you please tell me how to read this Solaris version:- Solaris 8 HW 5/03 s28s_hw2wos_06a SPARC Thanks. (3 Replies)
Discussion started by: manalisharmabe
3 Replies

LEARN ABOUT MOJAVE

uri::url

URI::URL(3)						User Contributed Perl Documentation					       URI::URL(3)

NAME

       URI::URL - Uniform Resource Locators

SYNOPSIS

	$u1 = URI::URL->new($str, $base);
	$u2 = $u1->abs;

DESCRIPTION

       This module is provided for backwards compatibility with modules that depend on the interface provided by the "URI::URL" class that used to
       be distributed with the libwww-perl library.

       The following differences exist compared to the "URI" class interface:

       o  The URI::URL module exports the url() function as an alternate constructor interface.

       o  The constructor takes an optional $base argument.  The "URI::URL" class is a subclass of "URI::WithBase".

       o  The URI::URL->newlocal class method is the same as URI::file->new_abs.

       o  URI::URL::strict(1)

       o  $url->print_on method

       o  $url->crack method

       o  $url->full_path: same as ($uri->abs_path || "/")

       o  $url->netloc: same as $uri->authority

       o  $url->epath, $url->equery: same as $uri->path, $uri->query

       o  $url->path and $url->query pass unescaped strings.

       o  $url->path_components: same as $uri->path_segments (if you don't consider path segment parameters)

       o  $url->params and $url->eparams methods

       o  $url->base method.  See URI::WithBase.

       o  $url->abs and $url->rel have an optional $base argument.  See URI::WithBase.

       o  $url->frag: same as $uri->fragment

       o  $url->keywords: same as $uri->query_keywords

       o  $url->localpath and friends map to $uri->file.

       o  $url->address and $url->encoded822addr: same as $uri->to for mailto URI

       o  $url->groupart method for news URI

       o  $url->article: same as $uri->message

SEE ALSO

       URI, URI::WithBase

COPYRIGHT

       Copyright 1998-2000 Gisle Aas.

perl v5.18.2							    2012-02-11							       URI::URL(3)
All times are GMT -4. The time now is 09:51 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy