The procedures to configure and manage auditing in Trusted Extensions differ slightly from Solaris procedures:
Audit configuration is performed in the global zone by one of two administrative roles. Then, the system administrator copies specific customized audit files from the global zone to every labeled zone. By following this procedure, user actions are audited identically in the global zone and in labeled zones.
For details, see Audit Tasks of the Security Administrator and Audit Tasks of the System Administrator
Trusted Extensions administrators use a trusted editor to edit audit configuration files.
Trusted Extensions administrators use the Solaris Management Console to configure specific users. User-specific audit characteristics can be specified in this tool. Specifying user characteristics is only required when the user's audit characteristics differ from the audit characteristics of the systems on which the user works. For an introduction to the tool, see Solaris Management Console Tools.