Canmove, confirm
937
edits
Changes
→Access to System Audit Log
#tail -0f *not_terminated* | praudit
Note: On Trusted Solaris 8 you need to assume a role with the tail and praudit commands with the proc_audit_app1 proc_audit_appl and proc_audit_tcb privileges.
You can also view the existing audit files using auditreduce.
