Content-type: text/html Man page of audit_binfile

audit_binfile

Section: Standards, Environments, and Macros (5)
Updated: 20 May 2008
Index Return to Main Contents
 

NAME

audit_binfile - generation of Solaris audit logs  

SYNOPSIS

/usr/lib/security/audit_binfile.so

 

DESCRIPTION

The audit_binfile plugin module for Solaris audit, /usr/lib/security/audit_binfile.so, writes binary audit data to files as configured in audit_control(4); it is the default plugin for the Solaris audit daemon auditd(1M). Its output is described by audit.log(4).

The audit_binfile plugin is loaded by auditd if audit_control contains one or more lines defining audit directories by means of the dir: specification or if audit_control has a plugin: specification of name=audit_binfile.so.  

OBJECT ATTRIBUTES

The p_dir and p_minfree attributes are equivalent to the dir: and minfree: lines described in audit_control. If both the dir: line and the p_dir attribute are used, the plugin combines all directories into a single list with those specified by means of dir: at the front of the list. If both the minfree and the p_minfree attributes are given, the p_minfree value is used.

The p_fsize attribute defines the maximum size in bytes that an audit file can become before it is automatically closed and a new audit file opened. This is equivalent to an administrator issuing an audit -n command when the audit file contains the specified number of bytes. The default size is zero (0), which allows the file to grow without bound. The value specified must be within the range of [512,000, 2,147,483,647].  

EXAMPLES

The following directives cause audit_binfile.so to be loaded, specify the directories for writing audit logs, and specify the percentage of required free space per directory.

flags: lo,ad,-fm
naflags: lo,ad
plugin: name=audit_binfile.so;\
p_minfree=20;\
p_dir=/etc/security/jedgar/eggplant,\
/etc/security/jedgar.aux/eggplant,\
/etc/security/global/eggplant

 

ATTRIBUTES

See attributes(5) for a description of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE

MT LevelMT-Safe

Interface Stability

 

SEE ALSO

auditd(1M), audit_control(4), syslog.conf(4), attributes(5)


 

Index

NAME
SYNOPSIS
DESCRIPTION
OBJECT ATTRIBUTES
EXAMPLES
ATTRIBUTES
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 02:39:47 GMT, October 02, 2010