Go to main content

man pages section 7: Standards, Environments, Macros, Character Sets, and Miscellany

Exit Print View

Updated: Wednesday, August 8, 2018
 
 

audit_sstore (7)

Name

audit_sstore - Sends Oracle Solaris audit records to sstore(7)

Synopsis

/usr/lib/security/64/audit_sstore.so

Description

The audit_sstore plugin module for Oracle Solaris audit, /usr/lib/security/audit_sstore.so, sends binary audit records to sstore(7) as configured in auditconfig(8). If the svc:/system/sstore:default service is not running, then audit_sstore keeps a cache of unsent audit records. When a new audit record is generated, audit_sstore attempts to send the new record and the unsent records.

The audit_sstore plugin is loaded by auditd if the plugin is configured as active through auditconfig. Use the auditconfig –setplugin option to change all the plugin-related configuration parameters.

Object Attributes

The p_flag attribute is used to further filter audit data being sent to the sstore daemon beyond the classes specified through the flags and naflags (see auditconfig(8)) and through the user-specific lines of user_attr(5). The parameter is a comma-separated list in which each item represents an audit class (see audit_class(5)) and is specified by using the syntax described in the audit_flags(7) man page.

Attributes

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
MT Level
MT-Safe
Interface Stability
Committed

See Also

attributes(7), sstore(7), audit_warn(8), auditconfig(8), auditd(8)