Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Hpux C2 Auditing
Operating Systems HP-UX Hpux C2 Auditing Post 66059 by gmh on Thursday 10th of March 2005 06:14:10 PM
Old 03-10-2005
Hpux C2 Auditing
I am trying to find out if there are any recommendations regarding what events/system calls should be audited as a starting point. I am new to the auditing side of things and am not really to sure what best to log - any ideas or know of any resources which make recommendations in this respect ???
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Need Script to Use CPUs on a HPUX server to simulate Workload Manager on HPUX.

I am running HPUX and using WLM (workload manager). I want to write a script to fork CPUs to basically take CPUs from other servers to show that the communication is working and CPU licensing is working. Basically, I want to build a script that will use up CPU on a server. Any ideas? (2 Replies)
Discussion started by: cpolikowsky
2 Replies

2. UNIX for Advanced & Expert Users

Auditing

:)I need a little help. I have sent all of our logs to our log server, but I can't send the audit logs that are in /var/log/audit.log. Can someone give me some type of idea to transfer these logs. Thank You (2 Replies)
Discussion started by: aojmoj
2 Replies

3. Cybersecurity

bash auditing

Hi dear friends I have an RHEL5 installed and I gave all users on it rbash shell, Now I want to audit all commands that they did in there shell once they enter them, Can any guide me to the way Thanks (2 Replies)
Discussion started by: reaky
2 Replies

4. HP-UX

pwage-hpux-T for Trusted HPUX servers

I'm sharing this in case anybody needs it. Modified from the original solaris pwage script. This modified hpux script will check /etc/password file on hpux trusted systems search /tcb and grep the required u_succhg field. Calculate days to expiry and notify users via email. original solaris... (2 Replies)
Discussion started by: sparcguy
2 Replies

5. Shell Programming and Scripting

Auditing script

I need a command line that will ls -l a directory and pick (grep?) all files that don't match a desired owner without losing track of the filename at any point. This way I can list later on "here are all the files with an incorrect owner". Thanks in advance (4 Replies)
Discussion started by: stevensw
4 Replies

6. AIX

Help me! AUDITING AIX

Hi All, i've a problem on a AIX server with audit config... when i start the audit i receive this error: root@****:/etc/security/audit > /usr/sbin/audit start Audit start cleanup: The system call does not exist on this system. ** failed setting kernel audit objects I don't understand... (0 Replies)
Discussion started by: Zio Bill
0 Replies

7. Solaris

BSM auditing

Hi , I don't want logs from a particular "library" to get recorded in the audit.log file. Is that possible with BSM? Please guide. Thanks. (2 Replies)
Discussion started by: chinchao
2 Replies

8. AIX

AIX auditing

can some give some tips, most common security issues or and kind of advice about auditing aix system? regards (2 Replies)
Discussion started by: bongo
2 Replies

9. UNIX for Advanced & Expert Users

kinit auditing

I have implemented solaris login authenticating against an active directory server, using solaris x86 on a Dell R810 8xXeon CPUs and 262Gb RAM. The actual OS is: # uname -a SunOS ms-svr012 5.10 Generic_142910-17 i86pc i386 i86pc # cat /etc/release Oracle Solaris 10 9/10... (2 Replies)
Discussion started by: jabberwocky
2 Replies

10. Infrastructure Monitoring

Nagios Auditing

Hi Folks, I have Nagios 3.0.6 which is monitoring 400+ servers in my environment and is administered by multiple administrators. I want to get notified if somebody enable or disable any notification of any of the hosts/services from GUI. Is it possible to configure? If so, how? (0 Replies)
Discussion started by: SiddhV
0 Replies

LEARN ABOUT HPUX

getevent

getevent(2)							System Calls Manual						       getevent(2)

NAME

       getevent() - get events and system calls that are currently being audited

SYNOPSIS

   Remarks
       This  function is provided purely for backward compatibility.  HP recommends that new applications use the command to get events and system
       calls that are currently being audited.	See audevent(1M).

DESCRIPTION

       gets the events and system calls being audited.	The events are returned in a table pointed to by a_event.  The system calls  are  returned
       in a table pointed to by a_syscall.  This call is restricted to users with the privilege.

   Security Restrictions
       Some  or  all of the actions associated with this system call require the privilege.  Processes owned by the superuser have this privilege.
       Processes owned by other users may have this privilege, depending on system configuration.  See privileges(5) for  more	information  about
       privileged access on systems that support fine-grained privileges.

RETURN VALUE

       Upon successful completion, a value of 0 is returned; otherwise, a -1 is returned and is set to indicate the error.

ERRORS

       fails if the following is true:

       The caller does not have the
		      privilege.

AUTHOR

       was developed by HP.

SEE ALSO

       audevent(1M), setevent(2), privileges(5).

								  TO BE OBSOLETED						       getevent(2)
All times are GMT -4. The time now is 04:35 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy