Systems within a single administrative domain can create a single-system image audit trail.
To create a single-system image audit trail for a site, follow these requirements:
Use the same naming service for all systems.
For correct interpretation of the audit records, the passwd, group, and hosts files must be consistent.
Configure the audit service identically on all systems. For information about displaying and modifying the service settings, see the auditconfig (1M) man page.
Use the same audit_warn, audit_event, and audit_class files for all systems.
Refer to How to Plan Who and What to Audit for additional considerations for enabling auditing on the systems.