| ..The audit_control File | 11 |
| ....Sample audit_control File | 13 |
| ..User Audit Fields in the audit_user File | 13 |
| ..Process Audit Characteristics | 14 |
| ....Process Preselection Mask | 15 |
| ....Audit ID | 15 |
| ....Audit Session ID | 15 |
| ....Terminal ID | 15 |
| ..How the Audit Trail Is Created | 16 |
| ....The audit_data File | 16 |
| ....The Audit Daemon's Role | 17 |
| ....What Makes a Directory Suitable | 17 |
| ....Keeping Audit Files Manageable | 18 |
| ..The audit_warn Script | 18 |
| ..Using the auditreduce Command | 20 |
| ..Controlling Audit Costs | 22 |
| ....Cost of Increased Processing Time | 23 |
| ....Cost of Analysis | 23 |
| ....Cost of Storage | 23 |
| ..Auditing Normal Users | 25 |
| ..Auditing Efficiently | 25 |
| ....· To Combine and Reduce Audit Files | 26 |
| ..Learning About the Audit Trail | 26 |
| ....More About the Audit Files | 27 |
| ........Audit File Naming | 27 |
| ........How Audit File Names Are Used | 28 |
| ........Time-Stamp Format and Interpretation | 28 |
| ........Example of a File Name for a Still-Active File | 28 |
| ........Example of a Closed Audit File Name | 29 |
| ....Handling Nonactive Files Marked not_terminated | 29 |
| ....· To Create Audit Partitions and Export Them | 30 |
| ........Example audit_control File Entries | 32 |
| ....· To Configure Auditing | 32 |
| ....· To Plan Audit Configuration | 33 |
| ..Preventing Audit Trail Overflow | 36 |
| ....· To Prevent Audit Trail Overflow | 36 |
| ..The auditconfig Command | 37 |
| ..Setting Audit Policies | 39 |
| ....· To Change Which Events Are in Which Audit Classes | 40 |
| ..Changing Class Definitions | 40 |
3. Audit Trail Analysis | 43 |
| ..Auditing Features | 43 |
| ....Audit User ID | 44 |
| ....Audit Session ID | 44 |
| ....Self-Contained Audit Records | 44 |
| ..Tools for Merging, Selecting, Viewing, and Interpreting Audit Records | 44 |
| ..Audit Record Format | 45 |
| ....How auditreduce Helps in a Distributed System | 56 |
| ....Using auditreduce | 57 |
| ........· To Display the Whole Audit Log | 57 |
| ........· To Print the Whole Audit Log | 57 |
| ........· To Display User Activity on a Selected Date | 57 |
| ........· To Copy Login/Logout Messages to a Single File | 57 |
| ........· To Clean Up a not_terminated Audit File | 58 |
| ....Other Useful auditreduce Options | 58 |
| ..Using praudit | 59 |
4. Device Allocation | 61 |
| ..Risks Associated With Device Use | 62 |
| ..Components of the Device-Allocation Mechanism | 62 |
| ..Using the Device-Allocation Utilities | 63 |
| ..The Allocate Error State | 64 |
| ..The device_maps File | 64 |
| ..The device_allocate File | 66 |
| ..Device-Clean Scripts | 68 |
| ....Object Reuse | 68 |
| ........Device-Clean Script for Tapes | 69 |
| ........Device-Clean Scripts for Diskettes and CD-ROM | 69 |
| ........Device-Clean Script for Audio | 70 |
| ....Writing New Device-Clean Scripts | 70 |
| ..Setting Up Lock Files | 70 |
| ....· To Set Up Lock Files for a Device to Be Made Allocatable | 71 |