10 More Discussions You Might Find Interesting
1. AIX
Hi All
I need your help to configure Aix to send logs to Qradar, I did all the methods that mentioned in IBM website and no use, Plz Help,,
The Logs should I receive from Aix and display in Qradar is (create user delete user changing in privileges....etc )
my skype account
khaled_ly84
... (4 Replies)
Discussion started by: khaled_ly84
4 Replies
2. AIX
I am trying to find out the information of my local desktop when i use putty to login to an AIX server.
This is what I do:
1. login to my PC
2. take a putty session to an AIX server
Can i get information of my local desktop from the AIX server ? Is there a command available ?
Thanks (8 Replies)
Discussion started by: Nagesh_1985
8 Replies
3. AIX
In our customer place somebody removed and PV from the server. I want the information like which user removed this PV.
Is there any way to get PV removal information.
When did the PV removed from the server ?
Whether AIX auding will help ?
Where i can get these information ?
Thank... (2 Replies)
Discussion started by: sunnybee
2 Replies
4. Shell Programming and Scripting
Hi, there!
a long PATH... makes the OS access the disk quite often, hence there is a lot of disk I/O
a long PATH... makes the OS compute a lot of ..., hence a high CPU load
(Edited/added later: Yes, this is not about the lenght of the env. var., but about the number of directories listed.)... (1 Reply)
Discussion started by: Jochen_Hayek
1 Replies
5. UNIX for Advanced & Expert Users
Hello,
I am doing fluid simulations using OpenFOAM. This program produces a lot of output every time step.
Producing output is surely not the most time consuming part, but I wonder whether writing output to the terminal or writing it into a file is faster.
With thousands of time steps a... (1 Reply)
Discussion started by: Chuck Morris
1 Replies
6. AIX
can some give some tips, most common security issues or and kind of advice about auditing aix system?
regards (2 Replies)
Discussion started by: bongo
2 Replies
7. AIX
Hi All,
i've a problem on a AIX server with audit config...
when i start the audit i receive this error:
root@****:/etc/security/audit > /usr/sbin/audit start
Audit start cleanup: The system call does not exist on this system.
** failed setting kernel audit objects
I don't understand... (0 Replies)
Discussion started by: Zio Bill
0 Replies
8. AIX
i have sucessfully enable the auditing on AIX with adding som onjects.
but when i go for
auditpr -v < /audit/trail
vlets say i reset audit at last dat 5 pm
auditpr -v < /audit/trail
will show up to last day 5 pm.
i have to reset audit every time to check latest logs.
please... (3 Replies)
Discussion started by: prashantjain07
3 Replies
9. AIX
I have a question relating with AIX auditing Question is can we set Auditing on a particular file in AIX for a particular application only?
Let say I have a file name "info.jar" and I have three application named APP1, APP2 & APP3 which are accessing that file so I want to know that which... (0 Replies)
Discussion started by: m_raheelahmed
0 Replies
10. AIX
Hi,
What's the best way to turn on the auditing in AIX 4.3? I'm in an environment where root password are shared with many users.
Can sudoers member be audited properly?
Thanks (1 Reply)
Discussion started by: itik
1 Replies
audwrite(2) System Calls Manual audwrite(2)
NAME
audwrite() - write an audit record for a self-auditing process
SYNOPSIS
DESCRIPTION
is called by self-auditing processes, which are capable of turning off the regular auditing using the system call (see audswitch(2)) and
doing higher-level auditing on their own. is restricted to users with the privilege.
checks to see if the auditing system is on and the calling process and the event specified are being audited. If these conditions are met,
writes the audit record pointed to by audrec_p into the audit trail. The record consists of an audit record body and a header with the
following fields:
/* Date/time (tv_sec of timeval) */
/* Process ID */
/* Success/failure */
/* Event being audited */
/* Length of variant part */
The body contains additional information about the high-level audit event. The header fields and are specified by the calling process.
fills in and fields with the correct values. this is done to reduce the risk of forgery. Beginning with 11i version 3 release, converts
the record into a different format before writing it into the current audit trail.
Security Restrictions
Some or all of the actions associated with this system call require the privilege. Processes owned by the superuser have this privilege.
Processes owned by other users may have this privilege, depending on system configuration. See privileges(5) for more information about
privileged access on systems that support fine-grained privileges.
RETURN VALUE
If the write is successful, a value of is returned. Otherwise, a value of is returned and is set to indicate the reason for the failure.
ERRORS
fails if one of the following is true:
The caller does not possess the
privilege.
The event number in the audit record is invalid.
WARNINGS
If causes a file space overflow, the calling process might be suspended until the file space is cleaned up. However, a returned call with
the return value of indicates that the audit record has been successfully written.
AUTHOR
was developed by HP.
SEE ALSO
audswitch(2), audit(4), privileges(5).
audwrite(2)