Installation & Operation Manual 324 Document # LTRT-92224
Mediant 8000
client238::~# ausearch -ts this-week -f /etc/audit/audit.conf -i
type=PATH msg=audit(08/09/2009 16:24:07.378:201348) : item=0
name=/etc/audit/audit.rules inode=196865 dev=08:03 mode=file,640
ouid=root ogid=root rdev=00:00
type=CWD msg=audit(08/09/2009 16:24:07.378:201348) : cwd=/
type=SYSCALL msg=audit(08/09/2009 16:24:07.378:201348) : arch=i386
syscall=chmod success=yes exit=0 a0=988a8f8 a1=1a0 a2=80515d4 a3=0
items=1 ppid=16885 pid=16886 auid=root uid=root gid=root euid=root
suid=root fsuid=root egid=root sgid=root fsgid=root tty=pts5 ses=1041
comm=chmod exe=/bin/chmod key=(null)
type=PATH msg=audit(08/09/2009 16:24:35.019:202009) : item=0
name=/etc/audit/audit.rules inode=196865 dev=08:03 mode=file,640
ouid=root ogid=root rdev=00:00
type=CWD msg=audit(08/09/2009 16:24:35.019:202009) : cwd=/
type=SYSCALL msg=audit(08/09/2009 16:24:35.019:202009) : arch=i386
syscall=open success=yes exit=3 a0=9a36a00 a1=8241 a2=1b6 a3=8241 items=1
ppid=16266 pid=16311 auid=root uid=root gid=root euid=root suid=root
fsuid=root egid=root sgid=root fsgid=root tty=pts5 ses=1041 comm=perl
exe=/usr/bin/perl key=(null)
For more information, see Section the man pages for the aureport and ausearch
commands.
To Next Page
Loading...
