Example — Setting the cnt Policy (System Administration Guide: Security Services)

System Administration Guide: Security Services

Previous: How to Configure the audit_warn Alias
Next: How to Enable Auditing

Example — Setting the `cnt` Policy

The cnt policy can be set so that if the audit partitions become full, then processes are not blocked. The records are discarded when the partitions are full, but the system still functions even though the auditing process is not recording the events. The cnt policy should not be set if security is paramount, since unrecorded events can occur if the file system is full.

The following command enables the cnt policy:

# auditconfig -setpolicy +cnt

For a secure site, you should enable the cnt policy in an appropriate startup file.

Previous: How to Configure the audit_warn Alias
Next: How to Enable Auditing