Originally posted by: chandru0078

Dear All

Anyone can help me to explain how to configure (enabling ) audit trail function on
AIX 5.3 machine? what is the steps or any redbook for it? Thank you alot..

chandru0078
#AIX-Forum

Originally posted by: tony.evans

man audit

http://www.redbooks.ibm.com/abstracts/sg246396.html
#AIX-Forum

Originally posted by: orphy

Also check the Infocenter. It has examples there too.
Orphy
#AIX-Forum

Originally posted by: SystemAdmin

I had requirement to enable auditing to monitor
shared memory. I used following steps. Hope this give
you some idea to adopt to your needs.

1) configuring audit
create a separate filesystem /audit with size 500 MB
In the file /etc/security/audit/config do the following changes.(backup the file if needed).

start:
binmode = on
streammode = off

bin:
trail = /audit/trail
bin1 = /audit/bin1
bin2 = /audit/bin2
binsize = 65536
cmds = /etc/security/audit/bincmds
freespace = 131072000

Under classes stanza add following line.
classes:
someclassname = SHM_Create,SHM_Open,SHM_Close,SHM_Owner,SHM_Mode,SHM_Detach

Under users stanza add users as follows specifying the above class.
usr1 = <above classname>
usr2 = <above classname>


2) Starting auting
audit start
3) stopping auditing
audit shutdown
4) format the audit file using
cat /audit/trail | auditpr -v -hhelrtRpPTc

Message was edited by: msk-tx
#AIX-Forum