Canmove, confirm
937
edits
Changes
→Access to Audit Data
===Access to Audit Data===
The NSS module may use the Unix <code>syslog()</code> function and the audit mechanism provided by the operating system to audit events. Access to the audit data is described in the next two subsections.
====Access to syslog Messages====
On Unix (including Linux and Mac OS X), the NSS module uses the <code>syslog()</code> function to audit events, so the NSS audit data are stored in the system log. Only the root user can modify the system log. On some platforms, only the root user can read the system log; on other platforms, all the users can read the system log.
The system log is usually under the <code>/var/adm</code> or <code>/var/log</code> directory. The exact location of the system log is specified in the <code>/etc/syslog.conf</code> file. NSS uses the default '''user''' facility and the '''info''', '''warning''', and '''err''' severity levels for its log messages. We give two examples below.
