*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> audgenl (3)              



NAME    [Toc]    [Back]

       audgenl - generate an audit record

SYNOPSIS    [Toc]    [Back]

       #include <sys/audit.h>

       int audgenl(
               unsigned event [,token_type, token_val] ... , 0 );

LIBRARY    [Toc]    [Back]

       Audit Library  - libaud.a and libaud.so

PARAMETERS    [Toc]    [Back]

       The event value of the operation being  audited.   A  type
       and value pair defining the data to be placed in the audit

DESCRIPTION    [Toc]    [Back]

       This routine is an interface to the audgen() system  call.
       It  accepts  a variable number of arguments describing the
       event and audit data, then calls audgen() with the  appropriate
  parameters to generate the audit record. This routine
 is found in  the  library  and  is  loaded  with  the
       libaud.a and libaud.so -laud option.

       The event argument indicates the event value of the operation
 being audited, as defined in audit.h.  The  value  of
       event  must  be  between  one of the following two values:
       -1 MIN_SITE_EVENT and MIN_SITE_EVENT + n_site_events -1

       The  constants  are  defined in audit.h. The definition of
       n_site_events is determined by executing the sysconfig  -q
       sec audit_site_events command on the running kernel.

       The  argument  pairs  containing  token_type and token_val
       describe the data that is to  be  placed  into  the  audit
       record.  The  argument  token_type  describes  the type of
       data, as defined in the set of public tokens (in audit.h).

       The  argument  token_val should be set to the value of the
       token when the token is represented by an int or long data
       type,  or  be a pointer to the data described by the token
       when the token references a  character  string,  or  other
       variable length field or structure.

RESTRICTIONS    [Toc]    [Back]

       The audgen() system call is privileged.

       The  maximum number of token_type, token_val pairs allowed
       is  128,  with  no  more  than  8  instances  of  any  one

RETURN VALUES    [Toc]    [Back]

       On  successful completion, a value of 0 is returned.  Otherwise,
 a value of -1 is returned and the  global  integer
       variable errno is set to indicate the error.

ERRORS    [Toc]    [Back]

       The  user is not privileged for this operation.  The value
       supplied for an argument is  invalid.   The  audit  record
       exceeds  the  audit  record size.  Indicates an attempt to
       use a system call that is not configured.   The  tokenmask
       data  is  invalid.  The size argument is non-zero, and the
       userbuff argument is invalid.  A value referenced  by  the
       argv argument is invalid.

SEE ALSO    [Toc]    [Back]

       audgen(2), sysconfig(8), sysconfigdb(8)


[ Back ]
 Similar pages
Name OS Title
audgen Tru64 Generates an audit record
audwrite HP-UX write an audit record for a self-auditing process
satwrite IRIX write a block of audit record data
satread IRIX read a block of audit record data
sat_read_header_info IRIX Portable interfaces to read audit record headers
sat_summarize IRIX generate statistics on a stream of audit records
sat_eventtostr IRIX convert an audit event index to/from an audit event string
sat_write_filehdr IRIX write audit file header, write close time to audit file header
satgetid IRIX get or set audit identity
auditd Tru64 Audit daemon
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service