The audit trail requires dedicated file space. The dedicated file space for audit files must be available and secure. Each system should have several audit directories that are configured for audit files. You should decide how to configure the audit directories as one of the first tasks before you enable auditing on any systems. The following procedure covers the issues to be resolved when you plan for audit trail storage.
If you are implementing non-global zones, complete How to Plan Auditing in Zones before using this procedure.
Determine how much auditing your site needs.
Balance your site's security needs against the availability of disk space for the audit trail.
Determine which systems are to be audited.
On those systems, allocate space for at least one local audit directory. To specify the audit directories, see Example 30–3.
Determine which systems are to store audit files.
Decide which servers are to hold the primary and secondary audit directories. For examples of configuring disks for audit directories, see How to Create Partitions for Audit Files.
Name the audit directories.
Determine which systems are to use which audit directories.