September 2000
Beginner
1312 pages
33h 47m
English
/usr/sbin/audit -n | -s | -t
When the Basic Security Module is enabled (see bsmconv(1M) for more information), you can use the suite of auditing commands to detect potential security breaches. Auditing can reveal suspicious or abnormal patterns of system use and provide a way to trace suspect actions back to a specific user. Auditing can serve as a deterrent: if users know that their actions are likely to be audited, they may be less likely to attempt malicious activities.
Successful auditing depends on two other security features.
Identification.
Authentication.
At login, after a user supplies a user name and password, a unique audit ID is associated with the user's process. ...