September 2000
Beginner
1312 pages
33h 47m
English
/usr/sbin/auditd
The auditd audit daemon controls the generation and location of audit trail files. When the Basic Security Module is enabled, the audit_control file is read at system startup and the auditd daemon is automatically started. See bsmconv(1M) for information on how to enable the Basic Security Module.
The /etc/security/audit_startup file is an executable script that is invoked as part of the startup sequence just before the execution of the audit daemon (see audit_startup(1M)). A default audit_startup script, shown below, automatically configures the event to class mappings and sets the audit policies during the BSM (Basic Security Module) package ...