Alternative to audusr command in standard mode

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Alternative to cp command

Good Afternoon, I'm backing up a folder from one NAS to another using a unix script using cp. Its a lot of files and takes several days to complete. Most of the files don't change from week to week. Is there a command that would be quicker? Also note, the backup needs to be ready-to-use in...

2. UNIX for Beginners Questions & Answers

Alternative to join command

Ubuntu, Bash 4.3.48 Hi, I have 2 files and I want to join them (line by line if the start of the lines is the same, like a ID) INPUT FILE 1 (tab delimited) aa_12_12_v_c aaa,asf,afgas,eg bb_12_43_a_d dad,ada,adaf,afa cc_56_75_d_f asd,thh,ert,rtertet INPUT FILE 2 (tab delimited)...

3. HP-UX

From a C++ application how to find if a hpux host is in standard mode or trusted mode

is there a way for my C++ application to find out which mode the hpux OS is running in? standard mode or trusted mode.

4. Shell Programming and Scripting

Maxdepth command not working in AIX.Need alternative solution for this command

Hi All, I am trying to select 30 days older files under current directory ,but not from subdirectory using below command. find <Dir> -type f -mtime + 30 This command selecting all the files from current directory and also from sub directory . I read some documention through internet ,...

5. AIX

Alternative command for topas

hi, I need alternative command for topas to check cpu %, i tried with ps but their is lot of diffference between the outputs of two commands... Thanks

6. Homework & Coursework Questions

locate command alternative,,

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! Ok, Im back with another small problem. I created a script (the one posted in the last thread). After some help from some members here all is good. The problem is I made it...

7. Shell Programming and Scripting

Any alternative of sar command

Hi all, I am using linux box ...i dont find the manual entry of sar command through man sar ...it is in unix not in linux although i have to check the cpu utilization and paging...any alternative of sar command.. Thanks Vijay Sahu

8. UNIX for Dummies Questions & Answers

alternative for head command

Hi friends,I am new to unix and this is really a dummy question.but please help me out. How to simulate head command without using head command??? also tail command too,also more command. it is given as a homework to do....please tell me how to do

9. HP-UX

how to distinguish standard system mode or trust system mode

I think that if the directory /tcb exists, HP-UX is in trusted mode and the passwd data is somewhere in /tcb/files/auth. But that's all I remember. Also I think recent versions of HP-UX can have a /etc/shadow file.

10. UNIX for Dummies Questions & Answers

an alternative of sed command..--imp

Hi Is there a better alternative to sed command.. or any command as an alternate to sed. Thanks!!

LEARN ABOUT HPUX

audevent

audevent(1M)															      audevent(1M)

NAME

       audevent - change or display profile, event, or system call audit status

SYNOPSIS

       profile] event]... syscall]...

DESCRIPTION

       changes	or  displays  the  auditing status of the given profile, event categories, or system calls.  A list of pre-defined profiles, event
       categories, and system call names is given in Any site-specific customizations must be added to See audit.conf(4) for more details.  A pro-
       file  consists  of  a set of operations (event categories, self-auditing events, and system calls) that affect a particular type of system.
       An event category consists of a set of operations (self-auditing events and system calls) that affect a particular aspect of the system.

       If neither nor is specified, the current status of the selected profiles, event categories, or system calls is displayed.

       If the option is supplied, it is redundant to use to specify particular events.	This also applies in the same way to the and options.	If
       no  event  category  is specified, all event categories associated with the selected profile are selected.  If no system call is specified,
       all system calls associated with the selected profile and event categories are selected.  At most one profile may be selected.

       takes effect immediately.  However, the events and system calls specified are audited only when called by a user  currently  being  audited
       (see audit(5)).

       If is specified, a list of valid profiles, event categories and system calls are displayed.  This option may be helpful when deciding which
       profile, event, or syscall to use with the or options respectively. The same information can also be found in (see audit.conf(4)).

	      Note: The set of audited system calls and corresponding audit events will change as HP-UX continues to evolve.

       Only a privileged user can change or display audit status.

   Options
       recognizes the following options and command-line arguments:

	      Audit successful events or system calls.

	      Do not audit successful events or system calls.

	      Audit failed events or system calls.

	      Do not audit failed events or system calls.

	      Select profile to change or display.

	      Select all events to change or display.

	      Select	     event to change or display.  The event must be a valid event category (base event or event alias) that is defined	in
			     or

	      Select all system calls to change or display.

	      Select	     syscall to change or display.  The syscall must be a valid system call name or system call alias name that is defined
			     in or

	      Display a list of valid profiles, event categories, and system calls.
			     This option must not be used with any other options.

       The following is a list of the pre-defined event types or categories:

	      Object creation.
			     For example:  file creation, directory creation, and other object creation.

	      Object deletion.
			     For example:  file deletion, directory deletion, and other object deletion.

	      Discretionary access control (DAC)
			     information reading events.

	      DAC modification events.

	      Non-DAC modification events.

	      Object opening.
			     For example:  file open and other object open.

	      Object closing.
			     For example:  file close and other object close.

	      Process operations.

	      Removable media events.
			     For example:  mounting and unmounting events.

	      Login and logout events not related to any particular
			     system call.

	      All administrative and privileged events.

	      Interprocess Communication (IPC) object creation.

	      IPC object opening.

	      IPC object deletion.

	      IPC Datagram transactions.

	      User-defined event 1 (for self-auditing records).

	      User-defined event 2 (for self-auditing records).

	      User-defined event 3 (for self-auditing records).

EXAMPLES

       Example 1: To display the list of valid profiles, event categories, and system calls as defined in file and use:

       Example 2: To display the current audit event selection status, use:

       The selection status for self-auditing events will be listed first, followed by the selection status for system calls.

       Example 3: To audit all and only the events that are associated with profile basic for auditing, use:

       Example 4: To audit all bad login attempts, use:

       Without doing a first, this configuration will be made incremental to what has already been configured before.

WARNINGS

       All modifications made to the auditing system are lost upon reboot.

       To make the changes permanent, set or in

AUTHOR

       was developed by HP.

FILES

       File containing event mapping information

       File containing site-specific event mapping information.

SEE ALSO

       audisp(1M), audomon(1M), audsys(1M), audusr(1M), audit.conf(4), audit(5).

																      audevent(1M)

HP-UX