By default, auditing is turned on when Trusted Extensions is installed. Therefore, by default, root login and root logout are audited. To audit the users who are configuring the system, you can create roles early in the configuration process. For the procedure, see Creating Roles and Users in Trusted Extensions.
Planning auditing in Trusted Extensions is the same as in the Solaris OS. For details, see Part VII, Solaris Auditing, in System Administration Guide: Security Services. While Trusted Extensions adds classes, events, and audit tokens, the software does not change how auditing is administered. For Trusted Extensions additions to auditing, see Chapter 18, Trusted Extensions Auditing (Overview), in Oracle Solaris Trusted Extensions Administrator’s Procedures.