Re: set up auditing

Gary_O · ‎04-09-2004

I would like to set up auditing to try and see why files/directories might be getting deleted. Also, seems I have ghost atjobs running (the #########.a file was manually removed from the atjobs directory, instead of using at -r)

What items should I audit for?

Steven E. Protter · ‎04-09-2004

You can make your system trusted with the tsconvert command or

as root

sam
auditing and security

You should be able to turn on trusted system there.

There are impacts on cron users and such and the step should be planned carefully.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Gary_O · ‎04-09-2004

I do not want to complicate matters.

There are a LOT of events/calls that can be monitored. Can someone help me pinpoint the most pertinent for my needs?

And what is the impact on use of cron?

Sundar_7 · ‎04-09-2004

Hi,

Audit the events delete and the system call unlink.

Sundar

Learn What to do ,How to do and more importantly When to do ?

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: set up auditing

set up auditing