Setaudit - Fujitsu SPARC Enterprise M3000 Xscf Reference Manual

NAME setaudit - manage the system auditing functionality
SYNOPSIS setaudit enable|disable|archive|delete
setaudit [-p count|suspend] [ -m mailaddr] [-a users=enable|disable|default]
[-c classes= {enable|disable }]... [-e events=enable|disable ]... [-g
{enable|disable }] [-t percents]
setaudit -h
DESCRIPTION setaudit(8) manages the collection of data on the use of system resources. Audit
data provides a record of security-related system events. This data can be used to
assign responsibility for actions that have taken place on the system. Auditing
generates records when specified events occur. Events that generate audit records
include:
■
■
■
■
You must have auditadm privileges to run this command.
Privileges
Refer to setprivileges(8) for more information.
OPTIONS The following options are supported:
-a users=enable|disable|default
-c classes=enable|disable
System startup and shutdown
Login and logout
Authentication actions
Administrative actions
Sets the audit record generation policy for the specified users. users is a
comma-separated list of valid user names.
When set to enable or disable, audit record generation for the users is
turned on or off respectively. This setting overrides the global policy for the
specified user.
When set to default, the policy for the users is set to follow the global policy.
Use showaudit -g to display the global user audit record generation policy.
Changes the audit record generation policy for the specified audit classes.
classes is a comma-separated list of audit classes. A class may be specified by
its numeric value or its name. The ACS_ prefix may be omitted. For example,
the class of audit-related events can be expressed as ACS_AUDIT, AUDIT or 16.

setaudit(8)

System Administration 149