SUMMARY: File Auditing on Solaris

Gary Franczyk (gfranczyk@e-one.com)
Mon, 08 Dec 1997 08:31:15 -0500

I asked this:
>Is there a way to audit file systems so that every time a file gets
>touched, changed, deleted or moved, a log record is kept? I know this
>is possible in NT, but can you do it in Solaris 2.5.1?
>
>We are having a problem where someone or something is removing CAD
>files. I'd like to know when they are being removed and by whom.
>

Some people suggested Tripwire. It is public shareware.

Some suggested audit_control(4) and bsmconv(1M) in Solaris.

I don't think Tripwire will get down to the file-by-file level I am
looking for, so I am going to try the audit_control software built into
Solaris. It looks extremely cryptic though.

Gary Franczyk