HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Questions about auditing
Operating System - HP-UX
1834022
Members
2283
Online
110063
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-15-2004 07:11 AM
04-15-2004 07:11 AM
Questions about auditing
Hey all,
We had the /.secure/etc filesystem file up a few days ago. This caused some pretty major headaches, and in hindsight I believe I was probably auditing too much, but I've come here to put it to the pros and see what they think.
I'm wondering what others out here audit for. We really only have 4 or 5 people with command line access to the system, and so I'm interested to hear what people think. Is there a reason to have auditing turned on at all?
Thanks for all the input in advance!
Tim
We had the /.secure/etc filesystem file up a few days ago. This caused some pretty major headaches, and in hindsight I believe I was probably auditing too much, but I've come here to put it to the pros and see what they think.
I'm wondering what others out here audit for. We really only have 4 or 5 people with command line access to the system, and so I'm interested to hear what people think. Is there a reason to have auditing turned on at all?
Thanks for all the input in advance!
Tim
Hey! Who turned out the lights!
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-15-2004 07:49 AM
04-15-2004 07:49 AM
Re: Questions about auditing
Well, there is definitely a benefit to turning it on. A lot of times, someone could execute something without realizing that it caused any harm. If auditing is enabled, it allows you to see what happened. So it's intention is not just for malicious behavior, but also for tracking activity in general to help determine why something is now not working the way it should.
If system utilization is an issue, take a look at Powerbroker. It does not drain the system as much as other auditing tools.
-Hazem
If system utilization is an issue, take a look at Powerbroker. It does not drain the system as much as other auditing tools.
-Hazem
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-15-2004 07:53 AM
04-15-2004 07:53 AM
Re: Questions about auditing
Hi Tim,
I dont use auditing and dont believe many uses auditing either. But that doesnt mean auditing is a total waste :-)
One usage I can think of is, it helps to audit the file/dir removal, file permission changes and other whole lot of events.
I would rather turn it on when required for a period of time and turn it off when I am done with it.
Sundar.
I dont use auditing and dont believe many uses auditing either. But that doesnt mean auditing is a total waste :-)
One usage I can think of is, it helps to audit the file/dir removal, file permission changes and other whole lot of events.
I would rather turn it on when required for a period of time and turn it off when I am done with it.
Sundar.
Learn What to do ,How to do and more importantly When to do ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-15-2004 11:47 PM
04-15-2004 11:47 PM
Re: Questions about auditing
According to me, auditing on hpux is pretty
useless (or i don't know how to use it).
I will give you an example : if you do
something on a file, audisp will return
you an inode and a driveid (or something like that). How the hell can one determine
the real filename ? With a global find ?
Should there be a great light that knows the
answer : enlight me too !
useless (or i don't know how to use it).
I will give you an example : if you do
something on a file, audisp will return
you an inode and a driveid (or something like that). How the hell can one determine
the real filename ? With a global find ?
Should there be a great light that knows the
answer : enlight me too !
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP