showaudit(8)
330 SPARC Enterprise Mx000 Servers XSCF Reference Manual • Last Revised July 2010
OPTIONS The following options are supported:
-a users Displays the audit record generation policy for the specified users.
users is a comma-separated list of valid user names.
-c classes Displays the audit record generation policy for the specified audit
classes. classes is a comma-separated list of audit classes. A class
may be specified by its numeric value or its name. The ACS_ prefix
may be omitted. For example, the class of audit related events can
be expressed as ACS_AUDIT, AUDIT or 16.
The following are valid classes:
all Denotes all classes.
ACS_SYSTEM(1) System-related events
ACS_WRITE(2) Commands that can modify a state
ACS_READ(4) Commands that read a current state
ACS_LOGIN(8) Login-related events
ACS_AUDIT(16) Audit-related events
ACS_DOMAIN(32) Domain management–related
events
ACS_USER(64) User management–related events
ACS_PLATFORM(128) Platform management–related
events
ACS_MODES(256) Mode-related events
-e events Displays the audit record generation policy for the specified audit
events. events is a comma-separated list of audit events. An event
may be specified by its numeric value or its name. The AEV_ prefix
may be omitted. For example, the event for SSH login can be
expressed as AEV_LOGIN_SSH, LOGIN_SSH, or 0.
See showaudit -e all for a list of all valid events.
-g Displays the global user audit record generation policy.
-h Displays usage statement.
When used with other options or operands, an error occurs.
-m Displays the address to which email is sent when the local audit
storage space usages reaches a threshold.