audit in solaris 10


 
Thread Tools Search this Thread
Operating Systems Solaris audit in solaris 10
# 1  
Old 11-06-2008
audit in solaris 10

can you please share what you use to audit what files are deleted, when files are deleted and who deleted them?

thx
# 2  
Old 11-06-2008
have a look at the command "bart".
The Blog of Ben Rockwood
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

Audit not working on Solaris 10

hi, I enabled bsm modules (/etc/security/bsmconv) and rebooted Solaris 10. But service is going into maintenance state. I rebooted server and I see one error saying "sys/c2audit:audit_kssl() not defined properly". I am not sure, what it is indicating and how it should be fixed. Please suggest, how... (5 Replies)
Discussion started by: solaris_1977
5 Replies

2. Solaris

Solaris 10 audit, need to catch redirections

Hello, I've installed solaris audit on a Solaris 10 SPARC system. Latest patch 143962-04 is installed. My problem is that while I can catch all arguments and processes created, I cannot catch a redirection. ie cat /tmp/test.txt > /tmp/test2.txtCatches the first part but not the redirection.... (5 Replies)
Discussion started by: gowron
5 Replies

3. Solaris

How to view audit logs in Solaris?

Does anyone know if there is software written to view the audit logs generated by Solaris? I am referring the the logs created by auditd. It produces an unreadable log. I am familiar with auditreduce and praudit, but I am looking for something that produces a report, much like logwatch looks at the... (4 Replies)
Discussion started by: brownwrap
4 Replies

4. Solaris

Enabling Solaris Audit log: Solaris 9

Dear All, I have one of my Servers, running Solaris 9. I wanna enable the Audit log enabling, the way I did in Solaris 10 Servers. After running, the bsmconv script, giving the reboots, modifying all the audit files in /etc/security, the audit is enabled, but the audit file which shall be... (3 Replies)
Discussion started by: sumeet1806
3 Replies

5. Solaris

Solaris - remote server audit

Looking for some way of running a script on one machine, giving it a list of IP addresses and it goes away and gets info from them. Things such as server type, memory, processors etc. Does such a thing exist? (3 Replies)
Discussion started by: psychocandy
3 Replies

6. Solaris

Audit in Solaris Servers.

Hi Friends I am a Solaries newbie and I am looking out for a software or command or config that can capture all commands run by all users on a server on a daily basis. I believe that this Audit is being done in almost all enterprises and would like to know how the same is done there. Any... (3 Replies)
Discussion started by: Hari_Ganesh
3 Replies

7. Solaris

audit useradd, userdel on solaris 10

I just want to audit and log to syslog when a user is added, removed or modified from the system. According to the docs I have: #/etc/security/audit_control dir:/var/audit flags:ua minfree:20 naflags:ua plugin:name=audit_syslog.so.1; p_flags=ua But neither syslog nor auditreduce -c ua... (7 Replies)
Discussion started by: glisha
7 Replies

8. Solaris

audit in solaris

How do I know that audit is enabled in soalris. in AIX 'audit query' command gives me the info whether auditing is on or not. Raghav (1 Reply)
Discussion started by: raghavender_sri
1 Replies

9. Solaris

Solaris BSM audit log

I got a lot of this message in my /var/audit log how can I exclude this message? header,127,2,invalid event number,fe,hostsol1.com.sg,2007-12-21 00:10:01.001 +08:00,argument,1,0x5,processor ID,argument ,2,0x3,flag,text,P_STATUS,subject,zhang1,root,root,root,root,18228,576129155,291 131094... (1 Reply)
Discussion started by: geoffry
1 Replies

10. Solaris

Sun Solaris Audit Program

Hi All, Any one has, sun solaris audit program which covers everything one need to check as a security auditor. Audit Program will help. Thanks, Ghanshyam Emails not allowed - see the Rules (4 Replies)
Discussion started by: ghanshyampatel
4 Replies
Login or Register to Ask a Question