10 More Discussions You Might Find Interesting
1. AIX
Hi All
I need your help to configure Aix to send logs to Qradar, I did all the methods that mentioned in IBM website and no use, Plz Help,,
The Logs should I receive from Aix and display in Qradar is (create user delete user changing in privileges....etc )
my skype account
khaled_ly84
... (4 Replies)
Discussion started by: khaled_ly84
4 Replies
2. AIX
I am trying to find out the information of my local desktop when i use putty to login to an AIX server.
This is what I do:
1. login to my PC
2. take a putty session to an AIX server
Can i get information of my local desktop from the AIX server ? Is there a command available ?
Thanks (8 Replies)
Discussion started by: Nagesh_1985
8 Replies
3. AIX
In our customer place somebody removed and PV from the server. I want the information like which user removed this PV.
Is there any way to get PV removal information.
When did the PV removed from the server ?
Whether AIX auding will help ?
Where i can get these information ?
Thank... (2 Replies)
Discussion started by: sunnybee
2 Replies
4. AIX
can some give some tips, most common security issues or and kind of advice about auditing aix system?
regards (2 Replies)
Discussion started by: bongo
2 Replies
5. AIX
Hi All,
i've a problem on a AIX server with audit config...
when i start the audit i receive this error:
root@****:/etc/security/audit > /usr/sbin/audit start
Audit start cleanup: The system call does not exist on this system.
** failed setting kernel audit objects
I don't understand... (0 Replies)
Discussion started by: Zio Bill
0 Replies
6. AIX
i have sucessfully enable the auditing on AIX with adding som onjects.
but when i go for
auditpr -v < /audit/trail
vlets say i reset audit at last dat 5 pm
auditpr -v < /audit/trail
will show up to last day 5 pm.
i have to reset audit every time to check latest logs.
please... (3 Replies)
Discussion started by: prashantjain07
3 Replies
7. UNIX for Advanced & Expert Users
:)I need a little help. I have sent all of our logs to our log server, but I can't send the audit logs that are in /var/log/audit.log. Can someone give me some type of idea to transfer these logs.
Thank You (2 Replies)
Discussion started by: aojmoj
2 Replies
8. AIX
can someone help me find out the impact of enabling audting on the entire root filesystem. does it have a major hit on the overall performance of the system
Thanks so much (0 Replies)
Discussion started by: iam
0 Replies
9. AIX
Hi,
What's the best way to turn on the auditing in AIX 4.3? I'm in an environment where root password are shared with many users.
Can sudoers member be audited properly?
Thanks (1 Reply)
Discussion started by: itik
1 Replies
10. UNIX for Dummies Questions & Answers
Hi all,
Have been asked to learn up on providing Sytem Auditing on two SCO boxes.
Where should I start and what pointers can anyone provide.
Whilst I'm learning to look after these two SCO boxes, I'm also to eventually look after three Compaq DS20E True64 Unix boxes also in the near future. (2 Replies)
Discussion started by: Cameron
2 Replies
setaudproc(2) System Calls Manual setaudproc(2)
NAME
setaudproc() - controls process level auditing for the current process and its decendents
SYNOPSIS
DESCRIPTION
controls process level auditing for the current process and its decendents. It accomplishes this by setting or clearing the flag in the
area of the calling process. When this flag is set, the system audits the process; when it is cleared, the process is not audited. This
call is restricted to users with the privilege.
One of the following flags must be used for aflag:
Audit the calling process and its decendents.
Do not audit the calling process and its decendents.
The flag is inherited by the descendents of a process. consequently, the effect of a call to is not limited to the current process, but
propagates to all its decendents as well. For example, if is called with the flag, all subsequent audited system calls in the current
process are audited until is called with the flag.
Further, performs its action regardless of whether the user executing the process has been selected to be audited or not. For example, if
is called with the (or the flag, all subsequent audited system calls will be audited (or not audited), regardless of whether the user exe-
cuting the process has been selected for auditing or not.
Due to these features, should not be used in most self-auditing applications. should be used (see audswitch(2)) when the objective is to
suspend auditing within a process without affecting its decendents or overriding the user selection aspect of the auditing system.
Security Restrictions
Some or all of the actions associated with this system call require the privilege. Processes owned by the superuser have this privilege.
Processes owned by other users may have this privilege, depending on system configuration. See privileges(5) for more information about
privileged access on systems that support fine-grained privileges.
RETURN VALUE
Upon successful completion, returns 0; otherwise, it returns -1 and sets to indicate the error.
AUTHOR
was developed by HP.
SEE ALSO
audevent(1M), audusr(1M), audswitch(2), getaudproc(2), audit(5), privileges(5).
setaudproc(2)