Copyright (c) 2017 Peter Tribble
Copyright (c) 1993, Sun Microsystems, Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
audit -n | -s | -t | -v
The audit command is the system administrator's interface to maintaining the audit daemon auditd(8). The audit daemon can be stopped, started, or notified to reread the configuration, stored in smf(7) and managed using the auditconfig(8) command.
Notify the audit daemon to close the current audit file and open a new audit file in the current audit directory.
Validates the audit service configuration and, if correct, notify the audit daemon to reread the audit configuration. If the audit daemon is not running, the audit daemon is started.
Direct the audit daemon to close the current audit trail file, disable auditing, and die. Use -s to restart auditing.
Validate the audit service configuration. At least one plugin must be active; if that plugin is audit_binfile then its p_dir attribute must contain at least one valid directory, and its p_minfree attribute must be between 0 and 100.
The audit command will exit with 0 upon success and a positive integer upon failure.
See attributes(7) for descriptions of the following attributes:
ATTRIBUTE TYPE ATTRIBUTE VALUE |
Stability Evolving |
audit (2), attributes (7), smf (7), auditconfig (8), praudit (8)
The -v option can be used in any zone, but the -t, -s, and -n options are valid only in local zones and, then, only if the perzone audit policy is set. See auditd(8) and auditconfig(8) for per-zone audit configuration.