FUJITSU SPARC ENTERPRISE M4000 User Manual

showaudit(8)

310

XSCF Reference Manual • Last Revised June 2007

OPTIONS

The following options are supported:

-a

users

Displays the audit record generation policy for the specified users.
users is a comma-separated list of valid user names.

-c

classes

Displays the audit record generation policy for the specified audit
classes. classes is a comma-separated list of audit classes. A class
may be specified by its numeric value or its name. The ACS_
prefix may be omitted. For example, the class of audit related
events can be expressed as ACS_AUDIT, AUDIT or 16.

The following are valid classes:

all

Denotes all classes.

ACS_SYSTEM(1)

System-related events

ACS_WRITE(2)

Commands that can modify a state

ACS_READ(4)

Commands that read a current
state

ACS_LOGIN(8)

Login-related events

ACS_AUDIT(16)

Audit-related events

ACS_DOMAIN(32)

Domain management–related
events

ACS_USER(64)

User management–related events

ACS_PLATFORM(128)

Platform management–related
events

ACS_MODES(256)

Mode-related events

-e

events

Displays the audit record generation policy for the specified audit
events. events is a comma-separated list of audit events. An event
may be specified by its numeric value or its name. The AEV_
prefix may be omitted. For example, the event for SSH login can be
expressed as AEV_LOGIN_SSH, LOGIN_SSH, or 0.

See showaudit -e all for a list of all valid events.

-g

Displays the global user audit record generation policy.

-h

Displays usage statement.

When used with other options or operands, an error occurs.

-m

Displays the address to which email is sent when the local audit
storage space usages reaches a threshold.