System Administration Guide: Security Services

Example—Changing Audit Flags for All Users

The flags line in the audit_control file defines which classes of events are audited for all users on the host. The classes are separated by commas, with no spaces. In this example, the events in the lo class are audited for all users.


# cat /etc/security/audit_control
dir:/var/audit
flags:lo
minfree:10
naflags:lo