Logging Access Control Messages
You can set a policy to log all transactions that failed because the user was denied access. The message displays the user name and the command that was attempted.
To enable access control logging:
- Run
acsss_config
and select Option 4 - "Set Access Control Variables" - Change [FALSE] to [TRUE] at the following prompt: "Messages will be logged when access to commands or volumes is denied.
- Select Option 6 - "Rebuild access control information."
ACSLS recognizes the change and begins logging each time a command request was denied.