HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Resource requirements for auditing
Operating System - HP-UX
1832994
Members
2023
Online
110048
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2005 11:57 AM
10-24-2005 11:57 AM
Resource requirements for auditing
I would like to enable auditing on our HP-UX systems to track user and system activities. Is there a document available that helps plan for hard disk space requirements when auditing is enabled?
4 REPLIES 4
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2005 12:18 PM
10-24-2005 12:18 PM
Re: Resource requirements for auditing
Not really. As with all logging, it depends on what you enable for auditing. You may see the logfiles growing at a few megs per day or a few megs per minute. The most important change is to specify a new location for the two auditing files. By default, they are on /, a very bad place for log files. I would start with a dedicated lvol, perhaps 1-3 Gb in size, then tell auditing where this mountpoint is located. Be sure to read the man pages for the auditing system, and have a plan for analyzing and archiving the results. Most of the time, the audtiting files will probably be skipped over and just held for record purposes.
Remember that the more items you pick for auditing, the faster the logfiles will grow. Be sure you know how to terminate auditing in case you need to stop the logs.
Bill Hassell, sysadmin
Remember that the more items you pick for auditing, the faster the logfiles will grow. Be sure you know how to terminate auditing in case you need to stop the logs.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-31-2005 05:29 AM
10-31-2005 05:29 AM
Re: Resource requirements for auditing
Hi there,
There's not a lot of planning ducumentation out there, as frankly it depends on how much logging you do and how busy your system is.
Here's a link to the doc though:
http://docs.hp.com/en/5991-1821/ch06s03.html
and here's a relevent reference I found (Though I know *I'd* leave a lot more than 5MB... they did say minimal.):
"Choose a file system with adequate space for your audit log files. You can assess the size of your file systems using the bdf command. HP recommends you configure your log files to at least the following parameters:
*The file system must have more than 5000 KB available for the primary audit log file.
*It must have more than 20% of its total file space available.
Tip: HP recommends that the primary and auxiliary audit log files reside on separate file systems.
There's not a lot of planning ducumentation out there, as frankly it depends on how much logging you do and how busy your system is.
Here's a link to the doc though:
http://docs.hp.com/en/5991-1821/ch06s03.html
and here's a relevent reference I found (Though I know *I'd* leave a lot more than 5MB... they did say minimal.):
"Choose a file system with adequate space for your audit log files. You can assess the size of your file systems using the bdf command. HP recommends you configure your log files to at least the following parameters:
*The file system must have more than 5000 KB available for the primary audit log file.
*It must have more than 20% of its total file space available.
Tip: HP recommends that the primary and auxiliary audit log files reside on separate file systems.
Those Who Would Sacrifice Liberty for Security Deserve Neither." - Benjamin Franklin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-01-2005 03:41 AM
11-01-2005 03:41 AM
Re: Resource requirements for auditing
Bill, Robert
Thank you for taking the time to answer my question.
AD
Thank you for taking the time to answer my question.
AD
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-01-2005 03:48 AM
11-01-2005 03:48 AM
Re: Resource requirements for auditing
My question was answered with users suggestions and prior experience, as well as a link to a document that addressed the topic of my question:
http://docs.hp.com/en/5991-1821/ch06s03.html
http://docs.hp.com/en/5991-1821/ch06s03.html
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP