HP UX Auditing System Extensions manual For more information, Send comments to HP

Page 26

For more information

To read more about the HP-UX Auditing System, see the following:

Manpages (either installed on the system or at http://www.hp.com/go/hpux-clickable-manpages

HP-UX System Administration Guide: Security Management at: http://www.hp.com/go/hpux-core-docs

Click on the HP-UX version you want and scroll down to User guide.

Send comments to HP

HP welcomes your input. Please give us comments about this white paper, or suggestions for the HP- UX Security or related documentation, through our technical documentation feedback website:

http://www.hp.com/bizsupport/feedback/ww/webfeedback.html

Share with colleagues

© Copyright 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Trademark acknowledgments, if needed.

5900-1628, Created July 2011

Page 25 Page 26
Image 26
Page 25 Page 26
Contents Configuring and Managing the Auditing System HP-UX 11i v2 and 11i v3 SecurityAudience IntroductionArchitecture CommandsAuditing system overview Files System callsDaemons Audit events Audit tagsAudit trail PID identification records Version recordsSystem call table records System call audit recordsAudit tunable parameters HP-UX 11i v3 only Self-auditing programsAudit aware Page Newgrp1 modaccess Setfilexsec1M modaccess Could not lock file Audit unaware Executing login pid = pid. ipcopenNetworking service = ftp Remote user Usernameunspecified Local SystemAudit Filtering Auditing system extensions HP-UX 11i v3 onlyDynamically Linked Kernel Modules Audit Reporting HP-UX Auditing System AdministrationInstallation Userdbset command. See userdbset1M and userdb4 ConfigurationConfiguring users for audit Configuring audit settings to be preserved across reboots Configuring events for auditConfiguring audit filtering Configuring roles Role, operation, objectEnabling auditing Reads the /etc/rc.config.d/auditing fileManagement Disabling auditingDpms service module implementation Writing a Dpms service moduleService Provider Interfaces SPIs Best practicesAudit policy Audit generation and captureAudit retention and storage Audit log analysisOpt/audit/AudReport/bin TroubleshootingAudit log configuration, security, and protection Page Glossary Audwrite2Page For more information Send comments to HP
Top Page Image Contents