by Jerry Freema » Thu, 30 Sep 1999 04:00:00
by Greg Andre » Thu, 30 Sep 1999 04:00:00
>I looking for a way to identify when the audit daemon process
>terminates normally and/or more importantly abnormally. Is there anyway
>to attach to the daemon process and get a signal when it terminates? Any
>other possible solutions would be appreciated. Thanks
>Jerry.
-Greg
--
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
by Jerry Freema » Thu, 30 Sep 1999 04:00:00
> >I looking for a way to identify when the audit daemon process
> >terminates normally and/or more importantly abnormally. Is there anyway
> >to attach to the daemon process and get a signal when it terminates? Any
> >other possible solutions would be appreciated. Thanks
> >Jerry.
> Take a look at the man page for pwait (/usr/proc/bin/pwait).
> Perhaps that will do what you're looking for.
> -Greg
> --
> ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
by Alexander Rung » Fri, 01 Oct 1999 04:00:00
Hi all,
- I enabled BSM by runing the script /etc/security/bsmconv
- The file /etc/system is updated. I reboot the server.
- The process auditd is started at boot.
Now, i have binary file in directory :
/var/audit/20050309114754.not_terminated.MyServer
Can you tell me how can i read this file ?
Where process auditd log data (/var/adm/messages... ?)
Does BSM consume lot of Memory/CPU ?
ThankYou very much for your help
NS
4. Problems building rcs 5.6.0.1 on a Cray YMP runniing UNICOS 8.
6. Tar --exclude ? (before I give up....)
8. Sockets...
10. Question about Solaris BSM and Auditd
11. auditd available for linux???
12. AUDITD