How to view audit logs in Solaris?


 
# 1  
Old 01-17-2013
How to view audit logs in Solaris?

Does anyone know if there is software written to view the audit logs generated by Solaris? I am referring to the logs created by auditd. It produces an unreadable log. I am familiar with auditreduce and praudit, but I am looking for something that produces a report, much like logwatch looks at the system logs and produces a report.
# 2  
Old 01-18-2013
Use
Code:
praudit

on files in /var/audit/*
# 3  
Old 01-18-2013
Quote:
Originally Posted by jim mcnamara
Use
Code:
praudit

on files in /var/audit/*
I believe I said I was already familiar with praudit.
# 4  
Old 01-18-2013
My bad. You just named the reporting tools. praudit -x gives you XML output if that is any assistance.

There is snare - SNARE - Auditing and EventLog Management | Free Security & Utilities software downloads at SourceForge.net

It is Windows based - last time I saw it. I have not used it, so I cannot comment.
It reads audit events, as I understand it.
# 5  
Old 01-18-2013
SNARE

Thank you. Never heard of SNARE. I will check it out.

---------- Post updated 01-18-13 at 06:44 PM ---------- Previous update was 01-17-13 at 10:42 PM ----------

Quote:
Originally Posted by jim mcnamara
My bad. You just named the reporting tools. praudit -x gives you XML output if that is any assistance.

There is snare - SNARE - Auditing and EventLog Management | Free Security & Utilities software downloads at SourceForge.net

It is Windows based - last time I saw it. I have not used it, so I cannot comment.
It reads audit events, as I understand it.
There were several versions. Downloaded and installed it today. This appears to be exactly what I was looking for. I installed the Solaris version and was able to access the server remotely via a browser.
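
Added example, not from any poster in this thread: a small Python script that turns the XML from praudit -x into a logwatch-style summary (counts per event, user and outcome, plus a list of failed events). The sample records are constructed, and the element and attribute names (record, subject, return, audit-uid, errval) are assumed to match what praudit -x emits on your release.

```python
import sys
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample shaped like `praudit -x` output (assumed layout, trimmed
# subject attributes; not real audit data).
SAMPLE = """<?xml version='1.0' encoding='UTF-8' ?>
<audit>
<record version="2" event="login - ssh" host="sol10a" iso8601="2013-01-18 09:12:03.101 -05:00">
<subject audit-uid="alice" uid="alice" pid="2101"/><return errval="success" retval="0"/></record>
<record version="2" event="login - ssh" host="sol10a" iso8601="2013-01-18 09:14:40.552 -05:00">
<subject audit-uid="bob" uid="bob" pid="2140"/><return errval="failure" retval="-1"/></record>
<record version="2" event="login - ssh" host="sol10a" iso8601="2013-01-18 09:14:47.018 -05:00">
<subject audit-uid="bob" uid="bob" pid="2144"/><return errval="failure" retval="-1"/></record>
</audit>
"""

def summarize(xml_text):
    """Count records per (event, audit user, outcome) and collect failures."""
    root = ET.fromstring(xml_text)
    counts, failures = Counter(), []
    for rec in root.iter("record"):
        subj, ret = rec.find("subject"), rec.find("return")
        # Some records carry no subject or return token; report them as "?".
        user = subj.get("audit-uid", "?") if subj is not None else "?"
        outcome = ret.get("errval", "?") if ret is not None else "?"
        event = rec.get("event", "?")
        counts[(event, user, outcome)] += 1
        if not outcome.startswith("success"):
            failures.append((rec.get("iso8601"), rec.get("host"), user, event, outcome))
    return counts, failures

def report(xml_text):
    """Render the summary as plain text, one line per group and per failure."""
    counts, failures = summarize(xml_text)
    lines = ["Events by type / user / outcome:"]
    for (event, user, outcome), n in sorted(counts.items()):
        lines.append(f"  {n:4d}  {event:<20} {user:<10} {outcome}")
    lines.append(f"Failed events: {len(failures)}")
    for ts, host, user, event, outcome in failures:
        lines.append(f"  {ts}  {host}  {user}  {event}  {outcome}")
    return "\n".join(lines)

if __name__ == "__main__":
    # Real use: pipe `praudit -x` output on stdin; with no pipe, use the sample.
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    print(report(data))
```

Run it with the output of praudit -x piped to standard input; records that lack a subject or return token are grouped under "?" rather than dropped.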