Setaudit – FUJITSU M8000 User Manual

setaudit(8)

System Administration

149

NAME

setaudit - manage the system auditing functionality

SYNOPSIS

setaudit

enable|disable|archive|delete

setaudit

[-p count|suspend] [ -m

mailaddr] [-a

users=enable|disable|default]

[-c

classes= {enable|disable }]... [-e events=enable|disable ]... [-g

{enable|disable }] [-t

percents]

setaudit -h

DESCRIPTION

setaudit

(8) manages the collection of data on the use of system resources. Audit

data provides a record of security-related system events. This data can be used to
assign responsibility for actions that have taken place on the system. Auditing
generates records when specified events occur. Events that generate audit records
include:

■

System startup and shutdown

■

Login and logout

■

Authentication actions

■

Administrative actions

Privileges

You must have auditadm privileges to run this command.

Refer to setprivileges(8) for more information.

OPTIONS

The following options are supported:

-a

users=enable|disable|default

Sets the audit record generation policy for the specified users. users is a
comma-separated list of valid user names.

When set to enable or disable, audit record generation for the users is
turned on or off respectively. This setting overrides the global policy for the
specified user.

When set to default, the policy for the users is set to follow the global policy.
Use showaudit -g to display the global user audit record generation policy.

-c

classes=enable|disable

Changes the audit record generation policy for the specified audit classes.
classes is a comma-separated list of audit classes. A class may be specified by
its numeric value or its name. The ACS_ prefix may be omitted. For example,
the class of audit-related events can be expressed as ACS_AUDIT, AUDIT or 16.