cancel
Showing results for 
Search instead for 
Did you mean: 

auditing with user granularity

SOLVED
Go to solution
dom kris
Frequent Advisor

auditing with user granularity

Hi,

is there a way to audit all actions for one or more specific user using auditing on Tru64 v5.1B.

I am currently setting up auditing on a Solaris 2.8 system. On this system you can audit specific events on a per user basis (e.g. execve calls).

For Tru64 I read through the Security guide but I don't find the same functionality.
I can add the execve call to the list of calls to audit but then every execve call is logged which leads to huge audit logs.

Any help greatly appreciated.

Kris Dom


1 REPLY
Ann Majeske
Honored Contributor
Solution

Re: auditing with user granularity

Hi Kris,

You can do it if you have both Enhanced Security and audit enabled. With Enhanced Security enabled, when you add or modify a user with the GUI, click on the "security" button and then "turn to" "Audit Events". If you're not using the gui, you can use the edauth command to modify the users protected password entry (see "man edauth" and "man prpasswd").

Ann