Resolution
goal
Which Unix commands show that Audited Events is enabled?
goal
How do I determine whether a Unix computer is auditing events?
fact
VigilEnt Security Agent for Unix
fact
Which Unix commands show that Audited Events is enabled?
goal
How do I determine whether a Unix computer is auditing events?
fact
VigilEnt Security Agent for Unix
fact
To determine whether Audited Events is enabled on a computer running Unix, on the computer, run the command appropriate for the installed operating system:
Operating System | Command Name | Comments |
AIX | audit query | After running the command, check the output. If the first line of the output contains the word on, auditing is enabled. |
HP-UX | audsys | After running the command, check the output. If the first line of the output contains the word on, auditing is enabled. |
OSF | ps -ef| grep -w auditd | When the command is complete run the following process: /usr/sbin/auditmask . |
Linux | Linux does not support auditing. | |
Solaris | auditconfig -getcond | After running the command, check the output. If the first line of the output contains the word auditing, auditing is enabled. |
Irix | sbin/chkconfig audit |
Additional Information
Formerly known as NETIQKB43471