Hi All!
I searched the archives and found no complete answer to the following problem. I hope that one of you has run across this before.
I have set up auditing on AIX 4.3.3 to monitor only the CRON_Start and CRON_Finish events. The log files are getting the CRON_Start events but no CRON_Finish details. I have stopped and restarted the audit processes several times with no success. I am using both bin and stream modes, have no objects defined and do not see any errors or hung processes. Has anyone seen anything like this? Is there a maintenance level release that corrects this? Any help on this is greatly appreciated!
Some details that may help:
oslevel -r 4330-09
/etc/security/audit/config:

start:
        binmode = on
        streammode = on

bin:
        trail = /audit/trail
        bin1 = /audit/bin1
        bin2 = /audit/bin2
        binsize = 10240
        cmds = /etc/security/audit/bincmds

stream:
        cmds = /etc/security/audit/streamcmds

classes:
        cron = CRON_Finish,CRON_Start

users:
        root = cron
        tproot = cron

/etc/security/audit/events:

* cron
        CRON_Start = printf "event = %s cmd = %s time = %s"
        CRON_Finish = printf "user = %s pid = %s time = %s"