viewaudit(8)

EXAMPLE 5 Displaying Audit Records Within a Range of Two Days

XSCF> viewaudit -A 20060125 -B +2d

file,1,2006-01-26 16:11:52.785 - 05:00,20060126211152.0000000000.jupiter.west.company.com subject,1,jsmith,normal,ssh 51409 jupiter.west header,56,1,command - showldap,jupiter.west,2006-01-27 21:15:12.416 - 05:00

subject,4,jblake,normal,telnet 51409 sr1.company.com command,showldap

platform access,granted return,0 subject,7,bob,normal,ssh 40952 mars.com

header,57,1,command - viewaudit,mars.company.com,2006-01-26 16:12:16.127 -05:00

subject,0,opl,normal,ssh 40952 apps command,viewaudit

platform access,denied

 

EXAMPLE 6 Displaying First 5 Records (of 70) that Match a Date Range

 

XSCF> viewaudit -l -A 20070515 -B 20070516 -C -S 1 -E 5

 

file,1,2007-05-07 10:47:56.753 -07:00,20070507174756.0000000000.san-ff2-

 

36-0

 

 

header,37,1,login - telnet,san-ff2-36-0.West.Sun.COM,2007-05-15

 

00:12:03.880 -07:00,subject,1084,root,escalation,telnet 56444

 

recon.West.Sun.COM

 

header,37,1,login - telnet,san-ff2-36-0.West.Sun.COM,2007-05-15

 

00:27:29.382 -07:00,subject,1085,root,escalation,telnet 62134

 

recon.West.Sun.COM

 

header,37,1,login - telnet,san-ff2-36-0.West.Sun.COM,2007-05-15

 

00:29:05.313 -07:00,subject,1086,root,escalation,telnet 33231

 

recon.West.Sun.COM

 

header,37,1,login - telnet,san-ff2-36-0.West.Sun.COM,2007-05-15

 

00:42:04.800 -07:00,subject,1087,root,escalation,telnet 38058

 

recon.West.Sun.COM

 

70

 

EXIT STATUS

The following exit values are returned:

 

0

Successful completion.

 

>0

An error occurred.

SEE ALSO

setaudit(8), showaudit(8)

System Administration

415