Example—Changing Audit Flags for All Users (System Administration Guide: Security Services)

System Administration Guide: Security Services

Previous: Example—Changing the Location of the Audit Trail File
Next: Example—Changing the Soft Limit for Warnings

Example—Changing Audit Flags for All Users

The flags line in the audit_control file defines which classes of events are audited for all users on the host. The classes are separated by commas, with no spaces. In this example, the events in the lo class are audited for all users.

# cat /etc/security/audit_control
dir:/var/audit
flags:lo
minfree:10
naflags:lo

Previous: Example—Changing the Location of the Audit Trail File
Next: Example—Changing the Soft Limit for Warnings