Use this procedure to audit administrative commands, system access, and other significant events as specified by your site security policy.
Before You Begin
You must assume the root role. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .
Add the cusa audit class to their preselection mask.
# usermod -K audit_flags=cusa:no username
# rolemod -K audit_flags=cusa:no rolename
The audit classes that the cusa meta-class includes are listed in the /etc/security/audit_class file.
# auditconfig -setpolicy +argv
# auditconfig -setpolicy +arge
For information about audit policy, see Audit Policy in Managing Auditing in Oracle Solaris 11.2 .
For examples of setting audit flags, see Configuring the Audit Service in Managing Auditing in Oracle Solaris 11.2 and Troubleshooting the Audit Service in Managing Auditing in Oracle Solaris 11.2 .
auditconfig(1M) man page