auditd — Control the Generation and Location of Audit Trail Files
Synopsis
/usr/sbin/auditd
Description
The auditd audit daemon controls the generation and location of audit trail files. When the Basic Security Module is enabled, the audit_control file is read at system startup and the auditd daemon is automatically started. See bsmconv(1M) for information on how to enable the Basic Security Module.
The /etc/security/audit_startup file is an executable script that is invoked as part of the startup sequence just before the execution of the audit daemon (see audit_startup(1M)). A default audit_startup script, shown below, automatically configures the event to class mappings and sets the audit policies during the BSM (Basic Security Module) package ...
Get Solaris™ 8 System Administrator's Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.