Auditing and Oracle Solaris Zones - System Administration Guide: Security Services

Skip Navigation Links
Exit Print View
	System Administration Guide: Security Services Oracle Solaris 11 Express 11/10

Oracle Technology Network

Document Information

Part I Security Overview

1. Security Services (Overview)

Part II System, File, and Device Security

2. Managing Machine Security (Overview)

3. Controlling Access to Systems (Tasks)

4. Virus Scanning Service (Tasks)

5. Controlling Access to Devices (Tasks)

6. Using the Basic Audit Reporting Tool (Tasks)

7. Controlling Access to Files (Tasks)

Part III Roles, Rights Profiles, and Privileges

8. Using Roles and Privileges (Overview)

9. Using Role-Based Access Control (Tasks)

10. Role-Based Access Control (Reference)

11. Privileges (Tasks)

12. Privileges (Reference)

Part IV Oracle Solaris Cryptographic Services

13. Oracle Solaris Cryptographic Framework (Overview)

14. Oracle Solaris Cryptographic Framework (Tasks)

15. Oracle Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16. Using Authentication Services (Tasks)

19. Using Solaris Secure Shell (Tasks)

20. Solaris Secure Shell (Reference)

Part VI Kerberos Service

21. Introduction to the Kerberos Service

22. Planning for the Kerberos Service

23. Configuring the Kerberos Service (Tasks)

24. Kerberos Error Messages and Troubleshooting

25. Administering Kerberos Principals and Policies (Tasks)

26. Using Kerberos Applications (Tasks)

27. The Kerberos Service (Reference)

Part VII Oracle Solaris Auditing

28. Oracle Solaris Auditing (Overview)

29. Planning for Oracle Solaris Auditing

30. Managing Oracle Solaris Auditing (Tasks)

31. Oracle Solaris Auditing (Reference)

Oracle Solaris Audit Service

audit Command

audit_warn Script

auditconfig Command

auditrecord Command

auditreduce Command

auditstat Command

praudit Command

Files Used in the Audit Service

audit_class File

audit_event File

syslog.conf File

Rights Profiles for Administering Auditing

Auditing and Oracle Solaris Zones

Definitions of Audit Classes

Audit Class Syntax

Process Audit Characteristics

Conventions for Binary Audit File Names

Binary Audit File Names

Binary Audit File Timestamps

Audit Record Structure

Audit Record Analysis

Audit Token Formats

argument Token

attribute Token

exec_args Token

exec_env Token

ip address Token

ip port Token

IPC_perm Token

path_attr Token

privilege Token

process Token

sequence Token

subject Token

trailer Token

use of authorization Token

use of privilege Token

zonename Token

Auditing and Oracle Solaris Zones

Non-global zones can be audited exactly as the global zone is audited, or non-global zones can set their own flags, storage, and audit policy.

When all zones are being audited identically, the audit_class and audit_event files in the global zone provide the class-event mappings for auditing in every zone. The +zonename policy option is useful for post-selecting records by zone name.

Zones can also be audited individually. When the policy option, perzone, is set in the global zone, each non-global zone runs its own audit service, handles its own audit queue, and specifies the content and location of its audit records. A non-global zone can also set most audit policy options. It cannot set policy that affects the entire system, so a non-global zone cannot set the ahlt or perzone policy. For further discussion, see Auditing on a System With Zones and How to Plan Auditing in Zones.

To learn about zones, see Part II, Oracle Solaris Zones, in System Administration Guide: Oracle Solaris Zones, Oracle Solaris 10 Containers, and Resource Management.

Copyright © 2002, 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices

Previous

Next