audgen(8) [osf1 man page]

audgen(8)						      System Manager's Manual							 audgen(8)

NAME

       audgen - Generates an audit record

SYNOPSIS

       /usr/sbin/audgen audit_record_parameter_list

DESCRIPTION

       The  audgen  utility  generates an audit record, which is placed in the auditlog.  Standard audit event information, such as identification
       information and a timestamp, are automatically inserted.  The audit_record_parameter_list consists of 1 to 8  strings,  each  of  which	is
       inserted into the audit record.	The event type is set to AUDGEN8.

RESTRICTIONS

       This  utility makes use of the audgen system call, which requires privilege.  No record will be generated if the event AUDGEN8 is not being
       audited for the current process.

EXAMPLES

       The following is an example of an audit_record_parameter_list for audgen:

       # audgen "string 1" "string 2" string3

RELATED INFORMATION

       Commands: auditconfig(8)

       Functions: audgen(2) delim off

																	 audgen(8)

audwrite(2)							System Calls Manual						       audwrite(2)

NAME

       audwrite() - write an audit record for a self-auditing process

SYNOPSIS

DESCRIPTION

       is  called  by  self-auditing processes, which are capable of turning off the regular auditing using the system call (see audswitch(2)) and
       doing higher-level auditing on their own.  is restricted to users with the privilege.

       checks to see if the auditing system is on and the calling process and the event specified are being audited.  If these conditions are met,
       writes  the  audit  record  pointed to by audrec_p into the audit trail.  The record consists of an audit record body and a header with the
       following fields:

	      /* Date/time (tv_sec of timeval) */
	      /* Process ID */
	      /* Success/failure */
	      /* Event being audited */
	      /* Length of variant part */

       The body contains additional information about the high-level audit event.  The header fields and are specified	by  the  calling  process.
       fills  in  and fields with the correct values.  this is done to reduce the risk of forgery.  Beginning with 11i version 3 release, converts
       the record into a different format before writing it into the current audit trail.

   Security Restrictions
       Some or all of the actions associated with this system call require the privilege.  Processes owned by the superuser have  this	privilege.
       Processes  owned  by  other users may have this privilege, depending on system configuration.  See privileges(5) for more information about
       privileged access on systems that support fine-grained privileges.

RETURN VALUE

       If the write is successful, a value of is returned.  Otherwise, a value of is returned and is set to indicate the reason for the failure.

ERRORS

       fails if one of the following is true:

	      The caller does not possess the
			     privilege.

	      The event number in the audit record is invalid.

WARNINGS

       If causes a file space overflow, the calling process might be suspended until the file space is cleaned up.  However, a returned call  with
       the return value of indicates that the audit record has been successfully written.

AUTHOR

       was developed by HP.

SEE ALSO

       audswitch(2), audit(4), privileges(5).

																       audwrite(2)