test

System Administration Guide: Security Services

ProcedureHow to Audit Changes in Device Policy

By default, the as audit class includes the AUE_MODDEVPLCY audit event.

  1. Assume the Primary Administrator role, or become superuser.

    The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Preselect the audit class that includes AUE_MODDEVPLCY audit event.

    Add the as class to the flags line of the audit_control file. The file would appear similar to the following:


    # audit_control file
dir:/var/audit
flags:lo,as
minfree:20
naflags:lo

    For detailed instructions, see How to Modify the audit_control File.