Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ audit_report(8) — bsd — Apollo Domain/OS SR10.4

Media Vault

Software Library

Restoration Projects

Artifacts Sought

audit_report(8)                 Domain/OS BSD                  audit_report(8)




NAME
     audit_report - dump audit log files


SYNOPSIS
     audit_report [ -all ] log_file_name ...

DESCRIPTION
     The audit_report command displays an audit log file in text form.  You
     can redirect the output as ASCII text to another file.  To cut down on
     the amount of data, you can also filter the output by using the standard
     grep and awk utilities.

     You can use audit_report only with log files collected via the audit
     command's -collect option.  audit_report does not work with active log
     files.

     The filenames for collected log files take the form audit_log.date-
     time.node_id where date-time is the date and time at which the log file
     was started (in yymmddhhmmss format) and node_id is the hexadecimal node
     ID of the node from which you collected the file.

ARGUMENTS
     log_file_name ...
               Specifies pathname of the log file(s) to be printed.
               More than one pathname may be specified.

OPTIONS
     The audit command provides the following option:

     [-all]
               Specifies that the audit report tool is to display all the
               audit records in the log file. If not specified, the audit tool
               filters out dir_resolve event records, as these are recorded
               only for the purpose of helping to display path names in
               audit records in place of unique identifiers (UIDs).

EXAMPLES
     The following examples illustrate how the audit_report command works:

     ⊕  To display the contents of an audit log file that was started on March
        27, 1989, (890327) at 6:29 and 54 seconds p.m. (182954), on node
        12130:

        $ audit_report audit_log.890327182954.12130


     ⊕  To redirect the output to a file called log_file1:

        $ audit_report audit_log.890327182954.12130 > log_file1


     ⊕  To create an output file that contains only event records associated
        with event types in the access category:

        $ audit_report audit_log.890327182954.12130 | grep 'access'
                  > log_file2


SEE ALSO
     audit

     audit_daemon

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026