xref: /illumos-gate/usr/src/man/man8/audit.8 (revision 8119dad84d6416f13557b0ba8e2aaf9064cbcfd3)
te
Copyright (c) 2017 Peter Tribble
Copyright (c) 1993, Sun Microsystems, Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
AUDIT 8 "Mar 6, 2017"
NAME
audit - control the behavior of the audit daemon
SYNOPSIS

audit -n | -s | -t | -v
DESCRIPTION

The audit command is the system administrator's interface to maintaining the audit daemon auditd(8). The audit daemon can be stopped, started, or notified to reread the configuration, stored in smf(7) and managed using the auditconfig(8) command.

OPTIONS
-n

Notify the audit daemon to close the current audit file and open a new audit file in the current audit directory.

-s

Validates the audit service configuration and, if correct, notify the audit daemon to reread the audit configuration. If the audit daemon is not running, the audit daemon is started.

-t

Direct the audit daemon to close the current audit trail file, disable auditing, and die. Use -s to restart auditing.

-v

Validate the audit service configuration. At least one plugin must be active; if that plugin is audit_binfile then its p_dir attribute must contain at least one valid directory, and its p_minfree attribute must be between 0 and 100.

DIAGNOSTICS

The audit command will exit with 0 upon success and a positive integer upon failure.

ATTRIBUTES

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE ATTRIBUTE VALUE
Stability Evolving
SEE ALSO

audit (2), attributes (7), smf (7), auditconfig (8), praudit (8)

NOTES

The -v option can be used in any zone, but the -t, -s, and -n options are valid only in local zones and, then, only if the perzone audit policy is set. See auditd(8) and auditconfig(8) for per-zone audit configuration.