- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Password Change Recorded? Audit Records/elsewh...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-19-2011 02:49 PM
тАО01-19-2011 02:49 PM
Password Change Recorded? Audit Records/elsewhere
Is there another file I should be reviewing, maybe the
# /usr/lbin/getprpw userid
- Tags:
- getprpw
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-19-2011 09:52 PM
тАО01-19-2011 09:52 PM
Re: Password Change Recorded? Audit Records/elsewhere
Cheers!
Anshu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-20-2011 02:03 AM
тАО01-20-2011 02:03 AM
Re: Password Change Recorded? Audit Records/elsewhere
read this document about "trusted systems"
& looks at enabling auditing on HP-UX machines
http://docstore.mik.ua/manuals/hp-ux/en/5992-3387/ch10s02.html#v817608
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-20-2011 02:10 AM
тАО01-20-2011 02:10 AM
Re: Password Change Recorded? Audit Records/elsewhere
1. Convert the system to trusted mode (in sam)
2. Sam -> auditing
SAM -> Auditing and Security -> Any of Auditing events, users or system calls option and you will see on the top Auditing Turned : OFF or a ON depending on the status.
You can enable from Actions - TURN AUDITING ON
Also you need to select which events, users and system calls you want to get audited and make sure you have enough space in the selected audit log directory or filesystem.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-20-2011 02:50 AM
тАО01-20-2011 02:50 AM
Re: Password Change Recorded? Audit Records/elsewhere
The system call you are looking for is probably getevent(2) as it captures events and system calls that are being audited. However, it is at the verge of obsolescense. All of this depends on a lot of things. Auditing can be configured by enabling trusted system and also with the SMSE database.
Check man 2 getevent!
Regards
Ismail Azad
- Tags:
- SMSE