This procedure enables separate zone administrators to control the audit service in their zone. For the complete list of policy options, see the auditconfig(8) man page.
Before You Begin
To configure auditing, you must become an administrator who is assigned the Audit Configuration rights profile. To enable the audit service, you must become an administrator who is assigned the Audit Control rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
myzone$ pfexec audit -s
This example works if the perzone audit policy is set. The zone administrator of the noaudit zone disables auditing for that zone.
noauditzone$ pfexec auditconfig -getcond audit condition = auditing noauditzone$ pfexec audit -t noauditzone$ pfexec auditconfig -getcond audit condition = noaudit