|
|
Sponsored Content
Operating Systems
HP-UX
Hpux C2 Auditing
Post 66236 by Perderabo on Friday 11th of March 2005 06:02:59 PM
03-11-2005
|
|
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I am running HPUX and using WLM (workload manager). I want to write a script to fork CPUs to basically take CPUs from other servers to show that the communication is working and CPU licensing is working. Basically, I want to build a script that will use up CPU on a server. Any ideas? (2 Replies)
Discussion started by: cpolikowsky
2 Replies
2. UNIX for Advanced & Expert Users
:)I need a little help. I have sent all of our logs to our log server, but I can't send the audit logs that are in /var/log/audit.log. Can someone give me some type of idea to transfer these logs.
Thank You (2 Replies)
Discussion started by: aojmoj
2 Replies
3. Cybersecurity
Hi dear friends
I have an RHEL5 installed and I gave all users on it rbash shell, Now I want to audit all commands that they did in there shell once they enter them, Can any guide me to the way
Thanks (2 Replies)
Discussion started by: reaky
2 Replies
4. HP-UX
I'm sharing this in case anybody needs it. Modified from the original solaris pwage script. This modified hpux script will check /etc/password file on hpux trusted systems search /tcb and grep the required u_succhg field. Calculate days to expiry and notify users via email.
original solaris... (2 Replies)
Discussion started by: sparcguy
2 Replies
5. Shell Programming and Scripting
I need a command line that will ls -l a directory and pick (grep?) all files that don't match a desired owner without losing track of the filename at any point. This way I can list later on "here are all the files with an incorrect owner". Thanks in advance (4 Replies)
Discussion started by: stevensw
4 Replies
6. AIX
Hi All,
i've a problem on a AIX server with audit config...
when i start the audit i receive this error:
root@****:/etc/security/audit > /usr/sbin/audit start
Audit start cleanup: The system call does not exist on this system.
** failed setting kernel audit objects
I don't understand... (0 Replies)
Discussion started by: Zio Bill
0 Replies
7. Solaris
Hi ,
I don't want logs from a particular "library" to get recorded in the audit.log file. Is that possible with BSM? Please guide.
Thanks. (2 Replies)
Discussion started by: chinchao
2 Replies
8. AIX
can some give some tips, most common security issues or and kind of advice about auditing aix system?
regards (2 Replies)
Discussion started by: bongo
2 Replies
9. UNIX for Advanced & Expert Users
I have implemented solaris login authenticating against an active directory server, using solaris x86 on a Dell R810 8xXeon CPUs and 262Gb RAM.
The actual OS is:
# uname -a
SunOS ms-svr012 5.10 Generic_142910-17 i86pc i386 i86pc
# cat /etc/release
Oracle Solaris 10 9/10... (2 Replies)
Discussion started by: jabberwocky
2 Replies
10. Infrastructure Monitoring
Hi Folks,
I have Nagios 3.0.6 which is monitoring 400+ servers in my environment and is administered by multiple administrators. I want to get notified if somebody enable or disable any notification of any of the hosts/services from GUI. Is it possible to configure?
If so, how? (0 Replies)
Discussion started by: SiddhV
0 Replies
LEARN ABOUT HPUX
audwrite
audwrite(2) System Calls Manual audwrite(2) NAME
audwrite() - write an audit record for a self-auditing process SYNOPSIS
DESCRIPTION
is called by self-auditing processes, which are capable of turning off the regular auditing using the system call (see audswitch(2)) and doing higher-level auditing on their own. is restricted to users with the privilege. checks to see if the auditing system is on and the calling process and the event specified are being audited. If these conditions are met, writes the audit record pointed to by audrec_p into the audit trail. The record consists of an audit record body and a header with the following fields: /* Date/time (tv_sec of timeval) */ /* Process ID */ /* Success/failure */ /* Event being audited */ /* Length of variant part */ The body contains additional information about the high-level audit event. The header fields and are specified by the calling process. fills in and fields with the correct values. this is done to reduce the risk of forgery. Beginning with 11i version 3 release, converts the record into a different format before writing it into the current audit trail. Security Restrictions Some or all of the actions associated with this system call require the privilege. Processes owned by the superuser have this privilege. Processes owned by other users may have this privilege, depending on system configuration. See privileges(5) for more information about privileged access on systems that support fine-grained privileges. RETURN VALUE
If the write is successful, a value of is returned. Otherwise, a value of is returned and is set to indicate the reason for the failure. ERRORS
fails if one of the following is true: The caller does not possess the privilege. The event number in the audit record is invalid. WARNINGS
If causes a file space overflow, the calling process might be suspended until the file space is cleaned up. However, a returned call with the return value of indicates that the audit record has been successfully written. AUTHOR
was developed by HP. SEE ALSO
audswitch(2), audit(4), privileges(5). audwrite(2)