219
edits
Changes
m
# Edit /etc/security/audit_class
# Edit /etc/security/audit_event
# Edit /etc/security/audit_control
→Access to System Audit Log
-r--r----- 1 root root 5242936 May 20 18:01 audit.log.2
On Solaris default audit records are stored in system_name:/var/audit/. '''Configure the Solaris Auditing:'''
To configure the System Audit Logs on Solaris the following administration tasks need to be completed. Create the audit class 'fp', then create the audit event 'AUE_FIPS_AUDIT ' and add the class 'fp' to the audit_control file.
add line:
0x99000000:fp:NSS FIPs Security Msgs
add line:
34444:AUE_FIPS_AUDIT:fp
add 'fp' to the "flags:" as in:
flags:lo,ap,fp