*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->HP-UX 11i man pages -> dcecp_aud (1m)              
Title
Content
Arch
Section
 

Contents


 aud(1m)                  Open Software Foundation                   aud(1m)




 NAME    [Toc]    [Back]
      aud - A dcecp object that manages the audit daemon on a DCE host

 SYNOPSIS    [Toc]    [Back]
      aud disable [remote_audit_daemon_name]

      aud enable [remote_audit_daemon_name]

      aud help [operation | -verbose]

      aud modify [remote_audit_daemon_name]
      {-change attribute_list | -attribute value}

      aud operations

      aud rewind [remote_audit_daemon_name]

      aud show [remote_audit_daemon_name] [-attributes]

      aud stop [remote_audit_daemon_name]


 ARGUMENTS    [Toc]    [Back]
      operation The name of the aud operation for which to display help
                information.

      remote_audit_daemon_name
                By default, operations pertain to the local audit daemon.
                This argument specifies the name or the binding of the
                remote audit daemon to operate on.  The name syntax is as
                follows:

                /.../cellname/hosts/hostname/auditd


                A remote audit daemon can also be specified with a string
                binding for the remote host on which the audit daemon is
                running.  Use a string binding such as the following:

                ncacn_ip_tcp:130.105.1.227[endpoint]

                Alternatively, you can specify the binding by using Tcl
                syntax such as the following:

                {ncacn_ip_tcp 130.105.1.227 1234}


 DESCRIPTION    [Toc]    [Back]
      The aud object represents the audit daemon (called auditd in the
      reference implementation) on a host.  The daemon creates audit trails
      on a single host.  Using this command, you can enable or disable a



 Hewlett-Packard Company            - 1 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96






 aud(1m)                  Open Software Foundation                   aud(1m)




      daemon, change how the daemon acts when the file system storage for
      its audit trail is full, and rewind an audit trail file.

      This command operates on the audit daemon named in the optional
      remote_audit_daemon_name argument. If the argument is not supplied,
      the command operates on the audit daemon named by the _s(aud)
      convenience variable. If the variable is not set, the command operates
      on the audit daemon on the local host.

 ATTRIBUTES    [Toc]    [Back]
      stostrategy {save | wrap}
                The audit trail storage strategy of the daemon.  This
                attribute defines what the daemon does if the audit trail
                storage is full.  Its possible values are as follows:


                save      If the specified trail size limit is reached (the
                          default is 2 MB), auditd saves the current trail
                          file to a new file (this file has the same name as
                          the original trail file, with the date and time
                          appended).  Then, auditd deletes the contents of
                          the original trail file and continues auditing
                          from the beginning of this file. This is the
                          default value for stostrategy.

                wrap      The daemon overwrites the old audit trails.


      state {enabled | disabled}
                Specifies whether the audit daemon is accepting audit log
                requests.  The values are enabled or disabled. The default
                is enabled.


      See the OSF DCE Administration Guide for more information about audit
      attributes.

 OPERATIONS    [Toc]    [Back]
    aud disable
      Disables an audit daemon.  The syntax is as follows:

      aud disable [remote_audit_daemon_name]


      The disable operation disables the audit record logging service of an
      audit daemon and changes its state attribute to disabled. This
      operation returns an empty string on success.

      Privileges Required    [Toc]    [Back]





 Hewlett-Packard Company            - 2 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96






 aud(1m)                  Open Software Foundation                   aud(1m)




      You must have c (control) permission on the audit daemon's ACL, and
      you must be authenticated.

      Examples    [Toc]    [Back]

      dcecp> aud disable
      dcecp>


    aud enable
      Enables an audit daemon.  The syntax is as follows:

      aud enable [remote_audit_daemon_name]


      The enable operation enables the audit record logging service of an
      audit daemon and changes its state attribute to enabled.  This
      operation returns an empty string on success.

      Privileges Required    [Toc]    [Back]

      You must have c (control) permission on the audit daemon's ACL, and
      you must be authenticated.

      Examples    [Toc]    [Back]

      dcecp> aud enable
      dcecp>


    aud help
      Returns help information about the aud object and its operations.  The
      syntax is as follows:

      aud help [operation | -verbose]


      Options    [Toc]    [Back]


      -verbose  Displays information about the aud object.


      Used without an argument or option, the aud help command returns brief
      information about each aud operation. The optional operation argument
      is the name of an operation about which you want detailed information.
      Alternatively, you can use the -verbose option for more detailed
      information about the aud object itself.

      Privileges Required    [Toc]    [Back]




 Hewlett-Packard Company            - 3 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96






 aud(1m)                  Open Software Foundation                   aud(1m)




      No special privileges are needed to use the aud help command.

      Examples    [Toc]    [Back]

      dcecp> aud help
      disable             Disables the audit daemon.
      enable              Enables the audit daemon.
      modify              Modifies the attributes of the audit daemon.
      rewind              Rewinds the specified audit trail file to the beginning.
      show                Returns the attributes of an audit daemon.
      stop                Stops the audit daemon.
      help                Prints a summary of command-line options.
      operations          Returns a list of the valid operations for this command.
      dcecp>


    aud modify
      Changes the values of audit attributes.  The syntax is as follows:

      aud modify [remote_audit_daemon_name]
      {-change attribute_list | -attribute value}


      Options    [Toc]    [Back]


      -attribute value
                As an alternative to using the -change option with an
                attribute list, you can specify individual attribute options
                by prepending a hyphen (-) to any attribute listed in the
                ATTRIBUTES section of this reference page.

      -change attribute_list
                Allows you to specify attributes by using an attribute list
                rather than individual attribute options. The format of an
                attribute list is as follows:

                {{attribute value}...{attribute value}}


      The modify operation allows modification of the audit daemon
      attributes.  It accepts the -change option which takes an attribute
      list as a value. This operation returns an empty string on success.

      Privileges Required    [Toc]    [Back]

      You must have c (control) permission on the audit daemon's ACL, and
      you must be authenticated.

      Examples    [Toc]    [Back]




 Hewlett-Packard Company            - 4 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96






 aud(1m)                  Open Software Foundation                   aud(1m)




      dcecp> aud modify -change {{stostrategy wrap} {state enabled}}
      dcecp> aud modify -stostrategy wrap -state enabled
      dcecp>


    aud operations
      Returns a list of the operations supported by the aud object. The
      syntax is as follows:

      aud operations


      The list of available operations is in alphabetical order except for
      help and operations, which are listed last.

      Privileges Required    [Toc]    [Back]

      No special privileges are needed to use the aud operations command.

      Examples    [Toc]    [Back]

      dcecp> aud operations
      disable enable modify rewind show stop help operations
      dcecp>


    aud rewind
      Rewinds the central audit trail file to the beginning.  The syntax is
      as follows:

      aud rewind [remote_audit_daemon_name]


      The rewind operation by default operates on the central trail file.
      This operation returns an empty string on success.

      Privileges Required    [Toc]    [Back]

      You must have c (control) permission on the audit daemon's ACL, and
      you must be authenticated.

      Examples    [Toc]    [Back]

      dcecp> aud rewind
      dcecp>


    aud show
      Returns the attribute list for the audit daemon. The syntax is as
      follows:




 Hewlett-Packard Company            - 5 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96






 aud(1m)                  Open Software Foundation                   aud(1m)




      aud show [remote_audit_daemon_name] [-attributes]


      Options    [Toc]    [Back]


      -attributes
                Returns audit daemon attributes.


      The show operation returns the attribute list for the audit daemon.
      The attributes are returned in lexical order.  The -attributes option
      is provided for consistency with other dcecp commands.  It does not
      change the performance of the command.

      Privileges Required    [Toc]    [Back]

      You must have r (read) permission on the audit daemon, and you must be
      authenticated.

      Examples    [Toc]    [Back]

      dcecp> aud show
      {stostrategy wrap}
      {state enabled}
      dcecp>


    aud stop
      Stops the audit daemon.  The syntax is as follows:

      aud stop [remote_audit_daemon_name]


      The stop operation stops the audit daemon process.  This operation
      returns an empty string on success.

      Privileges Required    [Toc]    [Back]

      You must have c (control) permission on the audit daemon, and you must
      be authenticated.

      Examples    [Toc]    [Back]

      dcecp> aud stop
      dcecp>


 RELATED INFORMATION    [Toc]    [Back]
      Commands:      auditd(1m),       dcecp(1m),       dcecp_audevents(1m),
      dcecp_audfilter(1m), dcecp_audtrail(1m).



 Hewlett-Packard Company            - 6 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96






 aud(1m)                  Open Software Foundation                   aud(1m)




      Files:   aud_audit_events(5),   dts_audit_events(5),   event_class(5),
      sec_audit_events(5).


 Hewlett-Packard Company            - 7 -OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96
[ Back ]
 Similar pages
Name OS Title
dcecp_audfilter HP-UX A dcecp object that manages the event filters on a DCE host
dcecp_audevents HP-UX A dcecp object that lists audit events on a DCE host
dcecp_secval HP-UX A dcecp object that manages the security validation service on a host
dcecp_clock HP-UX A dcecp object that manages the clock on a local or remote host
dcecp_host HP-UX A dcecp task object that manages host information in a DCE cell
dcecp_rpcentry HP-UX A dcecp object that manages an RPC entry in CDS
dcecp_clearinghouse HP-UX A dcecp object that manages a clearinghouse in CDS
dcecp_directory HP-UX A dcecp object that manages a CDS directory
dcecp_dts HP-UX A dcecp object that manages a dtsd process
dcecp_server HP-UX A dcecp object that manages DCE application servers
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service