Trusted Solaris Audit Administration

Previous: Time-Stamp Format and Interpretation
Next: Example of a Closed Audit File Name

Example of a File Name for a Still-Active File

The following shows the format of a file name of a still-active file: YYYYMMDDHHMMSS.not_terminated.hostname

Here is an example:

19900327225243.not_terminated.patchwork

The audit log files are named by the beginning date, so the example above was started in 1997, on March 27, at 10:52:43 PM, GMT. The not_terminated in the file name means either that the file is still active or that auditd was unexpectedly interrupted. The name patchwork at the end is the host name whose audit data is being collected.

Previous: Time-Stamp Format and Interpretation
Next: Example of a Closed Audit File Name