04-04-2020
How about using the built-in audit systems in Linux and Solaris systems?
Writing scripts can only poorly emulate a proper audit system, with easy circumvention.
The history file is not an audit and can easily be falsified or bypassed completely.
Hope that helps
Regards
Peasant.
AUDIT(8) BSD System Manager's Manual AUDIT(8)
NAME
audit -- audit management utility
SYNOPSIS
audit -e | -i | -n | -s | -t
DESCRIPTION
The audit utility controls the state of the audit system. One of the following flags is required as an argument to audit:
-e    Forces the audit system to immediately remove audit log files that meet the expiration criteria specified in the audit control file without doing a log rotation.
-i    Initializes and starts auditing. This option is currently for Mac OS X only and requires auditd(8) to be configured to run under launchd(8).
-n    Forces the audit system to close the existing audit log file and rotate to a new log file in a location specified in the audit control file. Also, audit log files that meet the expiration criteria specified in the audit control file will be removed.
-s    Specifies that the audit system should [re]synchronize its configuration from the audit control file. A new log file will be created.
-t    Specifies that the audit system should terminate. Log files are closed and renamed to indicate the time of the shutdown.
NOTES
The auditd(8) daemon must already be running. Optionally, it can be configured to be started on-demand by launchd(8) (Mac OS X only). The audit utility requires audit administrator privileges for successful operation.
FILES
/etc/security/audit_control Audit policy file used to configure the auditing system.
SEE ALSO
audit(4), audit_control(5), auditd(8), launchd(8)
HISTORY
The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer Inc. in 2004. It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution.
AUTHORS
This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc.
The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems.
BSD January 29, 2009 BSD