DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

Configuring auditing

Default configuration settings for the auditing subsystem

Tunable parameters for auditing
    Auditing's tunable parameters file
    Description of auditing tunables
        The ADT_NBUF tunable
        The ADT_BSIZE tunable
        The ADT_LWP_BSIZE tunable
        The ADT_NLVLS tunable
    Displaying or changing a tunable parameter for auditing

Configuring the /etc/default/audit file
    The /etc/default/audit file
        Deciding whether to use DISABLE or SHUTDOWN
        Using defadm to configure the log file and audit actions

Configuring auditing with the auditlog command
    Specifying the type and location of the audit event log file with auditlog
    Using auditlog to specify the name of the audit event log file
    Using auditlog to specify the high water mark
        Writing records directly to the log file
    Using auditlog to specify the size of the log file
    Using auditlog to specify the action when the log file is full

Specifying continuous auditing
    Specifying an alternate log file

Displaying auditing subsystem settings

Setting audit criteria with the auditset command
    Using auditset to set system-Wide audit criteria
    Setting user audit criteria
        Setting user audit criteria with auditset
        Setting user audit criteria with useradd or usermod
        Setting a default audit mask for all users
    Displaying audit criteria

Auditing NIS users

Starting and stopping the audit subsystem
    Starting auditing from the command line
    Stopping auditing from the command line
    Starting the audit subsystem with /etc/init.d/audit

A quick reference to enabling audit