10 More Discussions You Might Find Interesting
1. AIX
Hi All
I need your help to configure Aix to send logs to Qradar, I did all the methods that mentioned in IBM website and no use, Plz Help,,
The Logs should I receive from Aix and display in Qradar is (create user delete user changing in privileges....etc )
my skype account
khaled_ly84
... (4 Replies)
Discussion started by: khaled_ly84
4 Replies
2. AIX
I am trying to find out the information of my local desktop when i use putty to login to an AIX server.
This is what I do:
1. login to my PC
2. take a putty session to an AIX server
Can i get information of my local desktop from the AIX server ? Is there a command available ?
Thanks (8 Replies)
Discussion started by: Nagesh_1985
8 Replies
3. AIX
In our customer place somebody removed and PV from the server. I want the information like which user removed this PV.
Is there any way to get PV removal information.
When did the PV removed from the server ?
Whether AIX auding will help ?
Where i can get these information ?
Thank... (2 Replies)
Discussion started by: sunnybee
2 Replies
4. Shell Programming and Scripting
Hi, there!
a long PATH... makes the OS access the disk quite often, hence there is a lot of disk I/O
a long PATH... makes the OS compute a lot of ..., hence a high CPU load
(Edited/added later: Yes, this is not about the lenght of the env. var., but about the number of directories listed.)... (1 Reply)
Discussion started by: Jochen_Hayek
1 Replies
5. UNIX for Advanced & Expert Users
Hello,
I am doing fluid simulations using OpenFOAM. This program produces a lot of output every time step.
Producing output is surely not the most time consuming part, but I wonder whether writing output to the terminal or writing it into a file is faster.
With thousands of time steps a... (1 Reply)
Discussion started by: Chuck Morris
1 Replies
6. AIX
can some give some tips, most common security issues or and kind of advice about auditing aix system?
regards (2 Replies)
Discussion started by: bongo
2 Replies
7. AIX
Hi All,
i've a problem on a AIX server with audit config...
when i start the audit i receive this error:
root@****:/etc/security/audit > /usr/sbin/audit start
Audit start cleanup: The system call does not exist on this system.
** failed setting kernel audit objects
I don't understand... (0 Replies)
Discussion started by: Zio Bill
0 Replies
8. AIX
i have sucessfully enable the auditing on AIX with adding som onjects.
but when i go for
auditpr -v < /audit/trail
vlets say i reset audit at last dat 5 pm
auditpr -v < /audit/trail
will show up to last day 5 pm.
i have to reset audit every time to check latest logs.
please... (3 Replies)
Discussion started by: prashantjain07
3 Replies
9. AIX
I have a question relating with AIX auditing Question is can we set Auditing on a particular file in AIX for a particular application only?
Let say I have a file name "info.jar" and I have three application named APP1, APP2 & APP3 which are accessing that file so I want to know that which... (0 Replies)
Discussion started by: m_raheelahmed
0 Replies
10. AIX
Hi,
What's the best way to turn on the auditing in AIX 4.3? I'm in an environment where root password are shared with many users.
Can sudoers member be audited properly?
Thanks (1 Reply)
Discussion started by: itik
1 Replies
PAM_TTY_AUDIT(8) Linux-PAM Manual PAM_TTY_AUDIT(8)
NAME
pam_tty_audit - Enable or disable TTY auditing for specified users
SYNOPSIS
pam_tty_audit.so [disable=patterns] [enable=patterns]
DESCRIPTION
The pam_tty_audit PAM module is used to enable or disable TTY auditing. By default, the kernel does not audit input on any TTY.
OPTIONS
disable=patterns
For each user matching one of comma-separated glob patterns, disable TTY auditing. This overrides any previous enable option matching
the same user name on the command line.
enable=patterns
For each user matching one of comma-separated glob patterns, enable TTY auditing. This overrides any previous disable option matching
the same user name on the command line.
open_only
Set the TTY audit flag when opening the session, but do not restore it when closing the session. Using this option is necessary for
some services that don't fork() to run the authenticated session, such as sudo.
MODULE TYPES PROVIDED
Only the session type is supported.
RETURN VALUES
PAM_SESSION_ERR
Error reading or modifying the TTY audit flag. See the system log for more details.
PAM_SUCCESS
Success.
NOTES
When TTY auditing is enabled, it is inherited by all processes started by that user. In particular, daemons restarted by an user will still
have TTY auditing enabled, and audit TTY input even by other users unless auditing for these users is explicitly disabled. Therefore, it is
recommended to use disable=* as the first option for most daemons using PAM.
To view the data that was logged by the kernel to audit use the command aureport --tty.
EXAMPLES
Audit all administrative actions.
session required pam_tty_audit.so disable=* enable=root
SEE ALSO
aureport(8), pam.conf(5), pam.d(5), pam(8)
AUTHOR
pam_tty_audit was written by Miloslav Trma <mitr@redhat.com>.
Linux-PAM Manual 04/01/2010 PAM_TTY_AUDIT(8)