sample 5.3 based trusted os ;-)
Martin Englund
Martin.Englund at Sun.COM
Fri Jan 21 21:28:50 GMT 2005
ilmar at watson.org wrote:
> i have a printed trusted solaris 7 audit administration book, so i have
> some basic knowledge of what file token is. But i didn't see it in solaris
> logs. Maybe i should turn some flag on?
>
It should always be there:
airlock# praudit 20050121204329.20050121204330.airlock
file,2005-01-21 21:43:29.802 +01:00,20050121194329.20050121204330.airlock
[stuff deleted]
file,2005-01-21 21:43:30.820
+01:00,/var/audit/20050121204330.not_terminated.airlock
>> Will you add an XML output option to praudit[1]? I'm working on a GUI
>> audit trail viewer, and it would be neat if it could read audit trails
>> from all systems.
> Well, i thought about adding such functionality. But i don't know which
> tags should i use.
>
I can see if I can generate a XML log which contains all tags and send to
you if you like.
cheers,
/Martin
--
Martin Englund, Senior Network Security Engineer, Sun IT Security Office
Email: martin.englund at sun.com Time Zone: MEST/UTC+1 PGP: 1024D/4CDCB50F
"The question is not if you are paranoid, it is if you are paranoid enough."
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list