|
|
Sponsored Content
Top Forums
UNIX for Advanced & Expert Users
Question about Auditing
Post 54758 by DPAI on Monday 23rd of August 2004 01:23:46 PM
08-23-2004
|
|
10 More Discussions You Might Find Interesting
1. Solaris
How do I setup audit to alert on write conditions for individual files? Thanks. (3 Replies)
Discussion started by: dxs
3 Replies
2. UNIX for Advanced & Expert Users
:)I need a little help. I have sent all of our logs to our log server, but I can't send the audit logs that are in /var/log/audit.log. Can someone give me some type of idea to transfer these logs.
Thank You (2 Replies)
Discussion started by: aojmoj
2 Replies
3. AIX
Hi there,
I want to enable auditing for the following events in a critical AIX UNIX server by editing the /etc/syslog.conf file:
Authentication events (login success, login failure, logout)
Privilege use events (change to another user etc.) ... (1 Reply)
Discussion started by: venksel
1 Replies
4. Shell Programming and Scripting
I need a command line that will ls -l a directory and pick (grep?) all files that don't match a desired owner without losing track of the filename at any point. This way I can list later on "here are all the files with an incorrect owner". Thanks in advance (4 Replies)
Discussion started by: stevensw
4 Replies
5. AIX
Hi All,
i've a problem on a AIX server with audit config...
when i start the audit i receive this error:
root@****:/etc/security/audit > /usr/sbin/audit start
Audit start cleanup: The system call does not exist on this system.
** failed setting kernel audit objects
I don't understand... (0 Replies)
Discussion started by: Zio Bill
0 Replies
6. Solaris
Hi ,
I don't want logs from a particular "library" to get recorded in the audit.log file. Is that possible with BSM? Please guide.
Thanks. (2 Replies)
Discussion started by: chinchao
2 Replies
7. AIX
can some give some tips, most common security issues or and kind of advice about auditing aix system?
regards (2 Replies)
Discussion started by: bongo
2 Replies
8. UNIX for Advanced & Expert Users
I have implemented solaris login authenticating against an active directory server, using solaris x86 on a Dell R810 8xXeon CPUs and 262Gb RAM.
The actual OS is:
# uname -a
SunOS ms-svr012 5.10 Generic_142910-17 i86pc i386 i86pc
# cat /etc/release
Oracle Solaris 10 9/10... (2 Replies)
Discussion started by: jabberwocky
2 Replies
9. SCO
edit: solution found
Auditing Quick Start and Compatibility Notes (1 Reply)
Discussion started by: Linusolaradm1
1 Replies
10. AIX
In our customer place somebody removed and PV from the server. I want the information like which user removed this PV.
Is there any way to get PV removal information.
When did the PV removed from the server ?
Whether AIX auding will help ?
Where i can get these information ?
Thank... (2 Replies)
Discussion started by: sunnybee
2 Replies
LEARN ABOUT LINUX
bsmconv
bsmconv(1M) System Administration Commands bsmconv(1M) NAME
bsmconv, bsmunconv - enable or disable the Basic Security Module (BSM) on Solaris SYNOPSIS
/etc/security/bsmconv [rootdir...] /etc/security/bsmunconv [rootdir...] DESCRIPTION
The bsmconv and bsmunconv scripts are used to enable or disable the BSM features on a Solaris system. The optional argument rootdir is a list of one or more root directories of diskless clients that have already been configured. See smdiskless(1M). To enable or disable BSM on a diskless client, a server, or a stand-alone system, logon as super-user to the system being converted and use the bsmconv or bsmunconv commands without any options. To enable or disable BSM on a diskless client from that client's server, logon to the server as super-user and use bsmconv, specifying the root directory of each diskless client you wish to affect. For example, the command: myhost# bsmconv /export/root/client1 /export/root/client2 enables BSM on the two machines named client1 and client2. While the command: myhost# bsmconv enables BSM only on the machine called myhost. It is no longer necessary to enable BSM on both the server and its diskless clients. After running bsmconv the system can be configured by editing the files in /etc/security. Each diskless client has its own copy of configu- ration files in its root directory. You might want to edit these files before rebooting each client. Following the completion of either script, the affected system(s) should be rebooted to allow the auditing subsystem to come up properly initialized. FILES
The following files are created by bsmconv: /etc/security/device_maps Administrative file defining the mapping of device special files to allocatable device names. /etc/security/device_allocate Administrative file defining parameters for device allocation. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWcsr | +-----------------------------+-----------------------------+ SEE ALSO
auditconfig(1M), auditd(1M), audit_startup(1M), audit.log(4), audit_control(4), attributes(5) NOTES
bsmconv and bsmunconv are not valid in a non-global zone. SunOS 5.10 26 May 2004 bsmconv(1M)