Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

audit logs

Status
Not open for further replies.
gallows

gallows

Technical User
Jun 12, 2004
223
0
0
US
How do you all handle your /var/adudit logs?
I know about audit -n etc. But what do you use to compress or handle them? This is on a Solaris 9 box. I know about logadm.conf etc, but is there something else or a better way to compress/delete these logs?

tks

 
Sort by date Sort by votes
In a company I worked some time ago they had a script that:
- closed the actual audit log
- renamed it with the actual date
- compressed it
- moved to another server (nfs or automatic ftp), where security staff could take a look at it, and after some time the logs were moved to TSM and deleted from this server
- restarted the audit process to a new log file

Don't remember the options for audit, but I think man should give you what you need.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ladondo
  • Locked
  • Question
HOW TO CONFIGURE BSM AUDIT IN GLOBAL ZONE TO AUDIT ALL THE ZONES
Replies
0
Views
26
ladondo
ladondo
sundba
  • Locked
  • Question
Auditing Sun Servers
Replies
1
Views
21
sundba
sundba
DNT07
  • Locked
  • Question
Solaris auditing: newly specified classes not being logged
Replies
0
Views
26
DNT07
DNT07
cnull
  • Locked
  • Question
force rights on logs
Replies
1
Views
17
SamBones
SamBones
hoang06
  • Locked
  • Question
root password change audit
Replies
0
Views
10
hoang06
hoang06

Part and Inventory Search

Sponsor

Back
Top