Go to main content

Managing Auditing in Oracle® Solaris 11.4

Exit Print View

Updated: February 2019
 
 

New Feature – Filtering Audit Records by Functional Area

    System administrators can filter common sets of audit records by functional areas such as cpu, dev, file, or net. These functional areas are called audit tags and defined in the audit_tags database. Also, administrators can create and use their own audit tags.

  • List the audit tags – auditconfig -lstags

  • Verify the audit tags – auditconfig -chktags

  • View events in the audit record by audit tag – auditreduce -t audit-tag

  • View summaries of privileged events in the audit record by audit tag – admhist -t audit-tag

For further information, see the auditconfig(8), auditreduce(8), and admhist(8) man pages.