Example—Creating an Audit Admin Login (System Administration Guide: Security Services)

System Administration Guide: Security Services

Previous: Example—Changing Auditing for One User
Next: How to Add Audit Classes

Example—Creating an Audit Admin Login

If all the audit partitions are full and logins are audited, then users might not be able to log in to a host. To avoid this situation, you can set up a special account that is not audited. The special account could log in to the host even when the audit partitions are full, and fix the problem with the full partitions. In this example, the account auditadm is defined so that no auditing takes place.

# grep auditadm /etc/security/audit_user
auditadmin:no:yes

Note –

The user who is selected to use the audit admin account might need to be monitored in another way.

Previous: Example—Changing Auditing for One User
Next: How to Add Audit Classes