Go to main content

Managing Auditing in Oracle® Solaris 11.4

Exit Print View

Updated: February 2019

New Feature – Auditing Events Temporarily

The –t option for the auditconfig command displays or sets the active values of the running system, without displaying or setting the persistent values of the audit service. This release provides the following new subcommands for the –t option:

  • –t –getflags – Displays the user default audit preselection flags.

  • –t –getnaflags – Displays the non-attributable audit flags.

  • –t –setflags audit_flags – Sets the default user audit preselection flags. The default preselection flags are combined with the user's specific audit flags to form the user's audit preselection mask.

  • –t –setnaflags audit_flags – Sets the non-attributable audit flags. Non-attributable audit flags define which classes of events are to be audited when the action cannot be attributed to an authenticated user. Failed logins, for example, are non-attributable.

For more information, see the auditconfig(8) and audit_flags(7) man pages.