
audit log full

 
Rashid Hamid
Regular Advisor


The /log filesystem is full because the audit trail log is growing rapidly.
The size of /log is 2 GB.

Is there a way to trim or stop the audit log when it reaches a certain limit?

Thanks
I'm Parit Madirono/Parit Betak Boyz
RAC_1
Honored Contributor

Re: audit log full

What auditing? HP-UX auditing? Check the acctresume and acctsuspend kernel tunables. These settings will decide when auditing will stop on account of the free space available.
There is no substitute to HARDWORK
Muthukumar_5
Honored Contributor

Re: audit log full

Do you mean the auditing system log(s)? You can configure it with /etc/rc.config.d/auditing. See the audsys man page for more.

--
Muthu
Easy to suggest when don't know about the problem!
Steven E. Protter
Exalted Contributor

Re: audit log full

Shalom,

A script is needed to move the logs out of there once in a while.

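#!/usr/bin/ksh

# Turn auditing off so the audit files can be moved
audsys -f
# Move the audit files to /backups
mv /home/secure/aud* /backups
# Turn auditing back on with a current (-c) and a next (-x) audit file and their sizes (-s, -z)
audsys -n -c /home/secure/audfile1 -s 10000 -x /home/secure/audfile2 -z 10000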

Change this code as you need it to handle the change.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Arunvijai_4
Honored Contributor

Re: audit log full

Hello,

You can delete the unwanted log files. Also, you can use logrotate:

http://hpux.connect.org.uk/hppd/hpux/Sysadmin/logrotate-2.5/

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
Muthukumar_5
Honored Contributor

Re: audit log full

You can write a script to check the file size of the log file and trim it simply as:

> logfile (to make file with 0 size)

or to stop

audisp -f

Automate with crontab to check every 5 seconds.

--
Muthu
Easy to suggest when don't know about the problem!
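
A size-checked version of the rotation discussed in the replies above, as an added example that is not from any poster in the thread: it combines the size check with the stop/move/restart sequence, archives under timestamped names so earlier audit trails are not overwritten, and restarts auditing even if a move fails. The variable names, the `--run` switch and the default limit are assumptions; only the `audsys` options and paths shown in the thread are used.

```shell
#!/bin/sh
# Added example, not from the thread: rotate the audit files only past a size limit.
# AUDSYS, AUDIT_DIR, ARCHIVE_DIR, LIMIT_KB and AFS are assumed names and defaults.
AUDSYS=${AUDSYS:-audsys}             # point at a stub to dry-run off HP-UX
AUDIT_DIR=${AUDIT_DIR:-/home/secure} # audit file location used in the thread
ARCHIVE_DIR=${ARCHIVE_DIR:-/backups} # archive location used in the thread
LIMIT_KB=${LIMIT_KB:-1000000}        # rotate once aud* files total this many KB
AFS=${AFS:-10000}                    # -s / -z value, as posted in the thread

# Print the combined size in KB of the aud* files in directory $1 (0 if none).
audit_kb() {
    total=0
    for f in "$1"/aud*; do
        [ -f "$f" ] || continue
        bytes=$(wc -c < "$f")
        total=$((total + bytes / 1024))
    done
    echo "$total"
}

# Return 0 if rotated, 1 if under the limit, 2 on error.
rotate_audit() {
    [ "$(audit_kb "$AUDIT_DIR")" -ge "$LIMIT_KB" ] || return 1
    # Refuse to stop auditing when the archive target is missing.
    [ -d "$ARCHIVE_DIR" ] && [ -w "$ARCHIVE_DIR" ] || return 2
    stamp=$(date +%Y%m%d%H%M%S)
    "$AUDSYS" -f || return 2
    rc=0
    for f in "$AUDIT_DIR"/aud*; do
        [ -f "$f" ] || continue
        # Timestamp suffix keeps earlier archives from being overwritten.
        mv "$f" "$ARCHIVE_DIR/$(basename "$f").$stamp" || rc=2
    done
    # Always restart auditing, even if a move failed.
    "$AUDSYS" -n -c "$AUDIT_DIR/audfile1" -s "$AFS" \
              -x "$AUDIT_DIR/audfile2" -z "$AFS" || rc=2
    return $rc
}

# Run from cron as: script --run
if [ "${1:-}" = "--run" ]; then
    rotate_audit
    exit $?
fi
```

Archiving rather than truncating keeps the audit trail available for later review, and the archive directory should be as tightly permissioned as the live audit directory.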