Go to main content

Managing Auditing in Oracle^® Solaris 11.4

Exit Print View

» ...Documentation Home » Oracle Solaris 11.4 Information Library » Managing Auditing in Oracle^® ... » Auditing Reference » Audit Token Formats

Updated: November 2020

Managing Auditing in Oracle^® Solaris 11.4

Document Information

Using This Documentation

Chapter 1 About Auditing in Oracle Solaris

Chapter 2 Planning for Auditing

Chapter 3 Managing the Audit Service

Chapter 4 Configuring the Formats of Audit Logs and Where They Are Stored

Chapter 5 Viewing Audit Records

Chapter 6 Analyzing and Resolving Audit Issues

Chapter 7 Auditing Reference

Audit Service Man Pages

Rights Profiles for Administering Auditing

Auditing and Oracle Solaris Zones

Audit Configuration Files and Packaging

Audit Remote Server

Process Audit Characteristics

Conventions for Binary Audit File Names

Audit Record Structure

Audit Token Formats

Audit Service Glossary

Language:

Audit Token Formats

Each audit record contains a series of audit tokens that describe the attributes of that record. Every audit record begins with a header token, which indicates where the audit record begins in the audit trail. The header token is followed by various data tokens that describe attributes such as user ID, process ID or session ID. Depending on the audit policy, optional tokens may be included in an audit record.

Oracle Solaris adds tokens to record sensitive information in new features. For example, in this release, the new tokens include annotation and cipher.

To view the list of tokens and their definitions, see the audit.log(5) man page.

Note - Obsolete tokens are maintained for compatibility with previous Solaris releases. For information about obsolete tokens, see the reference material for the release that included the token.

Copyright © 2002, 2020, Oracle and/or its affiliates.