I need to know is there any 3rd party software that can help me in auditing non-system files and dirctories?.Coz some one has deleted some files from a common dir and I can not say who did that.
thanx
Solaris OS incorporates auditing functionality but it needs to be tailored and turned on.
The command bsmconv turns on the auditing function but planning is needed to determine what you need to audit. See the man page for audit_control and sun docs website for details. Auditing can track log in / out, file creation, modification, deletion , system calls and so on. Note a high level of auditing will have an affect on system performance and also require considerable disk space for log files.
Another product which provides key stroke logging is Axent UPM
Some form of logging is also available by examining users session history files and last login times.
All of these methods only work if users have seperate accounts, if many users all have access to the same account and password these techniques cannot be applied. Axent overcomes this with the idea of a priviledged run command which allows, for instance, users to su to root but still logs actions against their original login ID. This assumes that direct login to root or another priviledged account is disabled (or severely restricted).
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.