|Skip Navigation Links|
|Exit Print View|
|System Administration Guide: Security Services Oracle Solaris 11 Express 11/10|
The following features have been introduced to Oracle Solaris auditing:
Enabled by default.
No reboot is required.
Oracle Solaris auditing is a service. See Oracle Solaris Audit Service.
The auditconfig command is used to display and change audit policy, non-attributable flags, attributable flags, plugins, and queue controls. See the auditconfig(1M) man page.
The rights profiles for auditing have been reconfigured. See Rights Profiles for Administering Auditing.
The audit_flags keyword is used to configure user exceptions to system-wide auditing. The keyword is an argument to the useradd, usermod, roleadd, and rolemod commands. The audit_flags value is stored in the user_attr database. See the useradd(1M), usermod(1M), roleadd(1M), rolemod(1M), and user_attr(4) man pages.
By default, lo events are audited for the system. By default, no user or role is configured for auditing.