System Administration Guide: Security Services

Configuring and Enabling the Audit Service (Task Map)

The following task map points to procedures for configuring and enabling the audit service. The tasks are ordered.



For Instructions 

1. (Optional) Change the audit configuration files 

Selects which events, classes, and users require auditing. 

Configuring Audit Files (Task Map)

2. Create audit partitions 

Creates disk space for the audit files, and protects them with file permissions. 

How to Create Partitions for Audit Files

3. Create the audit_warn alias

Defines who should get email warnings when the audit service needs attention. 

How to Configure the audit_warn Email Alias

4. (Optional) Change audit policy 

Defines additional audit data that your site requires. 

How to Configure Audit Policy

5. (Optional) Change audit queue parameters 

Modifies the default queue parameters. 

How to Configure Audit Queue Parameters

6. Configure auditing in non-global zones 

Enable non-global zones to collect auditing records 

Configuring the Audit Service in Zones (Tasks)

7. Enable auditing 

Turns on the audit service. 

How to Enable the Audit Service

When perzone auditing is turned on, enables auditing in a non-global zone.

Example 30–17

8. (Optional) Disable auditing 

Turns off the audit service. 

How to Disable the Audit Service

When perzone auditing is turned on, disables auditing in a non-global zone.

Example 30–22

9. (Optional) Reread auditing configuration changes 

Reads audit configuration changes into the kernel while the auditd daemon is running.

How to Update the Audit Service