10 More Discussions You Might Find Interesting
I have to set audit logs on certain events on a solaris 10 server.
While I had no problems on linux, I'm going crazy to do the same thing on solaris 10, since I don't have enough expertise on this OS .
I should be able to identify these 4 different events:
1: Tracking all... (2 Replies)
Discussion started by: menofmayhem
2. Shell Programming and Scripting
I have been searching and reading about syslog. I would like to know how to Transfer the logs being thrown into /var/log/messages into another file example /var/log/volumelog.
tail -f /var/log/messages
dblogger: msg_to_dbrow: no logtype using missing
dblogger: msg_to_dbrow_str: val ==... (2 Replies)
Discussion started by: kenshinhimura
how can i configure audit logs for global zones and standard zone. i have enabled and started auditd service and it went to maintenance mode. please help me to configure that
Thanks & Regards,
BEn (9 Replies)
Discussion started by: bentech4u
4. UNIX for Dummies Questions & Answers
I have Solaris-10 (having multiple non global zones running on it). Its /var is getting full to 100% and I can see, there are files getting added to /var/audit. There are large in number, so even if I clearing them, it is filling /var. In past 24 hours, there are 53000 files are added. I am... (1 Reply)
Discussion started by: solaris_1977
Does anyone know if there is software written to view the audit logs generated by Solaris? I am referring the the logs created by auditd. It produces an unreadable log. I am familiar with auditreduce and praudit, but I am looking for something that produces a report, much like logwatch looks at the... (4 Replies)
Discussion started by: brownwrap
My /var partition is almost utilized ... Here am not sure where to release space now
OS/model : HP-UX B.11.11 U 9000/800
# bdf /var
Filesystem kbytes used avail %used Mounted on
/dev/vg00/lvol9 6144000 6142176 1824 100% /var
<root@pb>/var # du -sk * | sort -n |... (20 Replies)
Discussion started by: Shirishlnx
7. Red Hat
I am trying to add secure and audit logs to logrotate for a client whom wants the logs for a period of 6 months, compressed/zipped weekly for auditing.
I am terrible with logrotate and since there isn't default settings for both logs, I created two new entries in my /etc/logrotate.d/... (7 Replies)
Discussion started by: hedkandi
I have the auditd running and I need to send the audit logs to a remote syslog server.
Anyideas on how to do that? (1 Reply)
Discussion started by: jmathenge
9. Filesystems, Disks and Memory
If You were the systems administrator of a mail server that services approximately 3,000 users. 2,000
users access their email via a POP-3 service, while the remaining 1,000 users access their email via a
Unix mail reader. Recently users have complained about speed of disk access, so a new 10... (1 Reply)
Discussion started by: semaphore
During a network audit, I came across a host running a service on a high port (34604). Not recognizing the port, I used a tool called 'amap' (THC-AMAP - fast and reliable application fingerprint mapper) to fingerprint it.
This tool also did not fingerprint it correctly, but did... (2 Replies)
Discussion started by: dan.king