|Skip Navigation Links|
|Exit Print View|
|System Administration Guide: Security Services Oracle Solaris 11 Express 11/10|
During system configuration, you preselect which classes of audit records to monitor. You can also fine-tune the degree of auditing that is done for individual users. The following figure shows details of the flow of Oracle Solaris auditing.
Figure 28-1 The Flow of Auditing
The audit_binfile plugin places binary audit records in designated audit directories. Post-selection tools enable you to examine interesting parts of the audit trail.
The audit_remote plugin sends binary audit records across a protected link to a remote repository.
For the audit_syslog plugin sends text summaries of audit records to syslog.
Systems that install non-global zones can audit all zones identically from the global zone. These systems can also be configured to collect different records in the non-global zones. For more information, see Auditing and Oracle Solaris Zones.