How to Enable Auditing (System Administration Guide: Security Services)

System Administration Guide: Security Services

How to Enable Auditing

This task starts the auditing service. If the service has been configured, then rebooting the host also starts the service.

Become superuser or assume an equivalent role.

Bring the system into single-user mode.
# /etc/telinit 1
See the telinit(1M) man page for more information.

Run the script to configure the system to run auditing.

Go to the /etc/security directory, and execute the bsmconv script there. The script sets up a standard Solaris machine to run auditing after a reboot. See the bsmconv(1M) man page.
# cd /etc/security # ./bsmconv

Bring the system into multiuser mode.
# /etc/telinit 6
The startup file /etc/security/audit_startup causes the audit daemon to run automatically when the system enters multiuser mode.

© 2010, Oracle Corporation and/or its affiliates