Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ aueventmgmt(1M) — Motorola System V 88k Release 4 Version 4.2

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

getaeent(3A)

auevent(4)

audit(4)

aueventmgmt(1M)  —  ADMINISTRATOR COMMANDS

NAME

aueventmgmt − manages the audit event file

SYNOPSIS

aueventmgmt [ name ... ]
aueventmgmt [ -q ] [ -ieventID ] [ -d"description" ] name
aueventmgmt [ -q ] -a name eventID [ "description" ]
aueventmgmt [ -q ] -x name [ name ... ]

DESCRIPTION

aueventmgmt allows root to manage the audit event file, /var/security/auevent.  If aueventmgmt is invoked without any parameters, the event IDs and descriptions for all events in the audit event file are printed to standard output.  If aueventmgmt is invoked with only audit event names for parameters, the event IDs and descriptions for the supplied events will be printed to standard output. 

The options available are:

-d"description" Sets the description field for the audit event name in /var/security/auevent.  The description cannot be longer than 1024 characters (as defined by PATH_MAX in <limits.h>). 

-ieventID Sets the event ID for the audit event name in /var/security/auevent.  Audit event IDs must be unique. 

-a Adds the audit event name to /var/security/auevent. 

-x Deletes the audit event(s) name from /var/security/auevent. 

-q Sets the event ID and/or description quietly. 

If a new audit event is being added to /var/security/auevent, the event ID must be specified; the description is optional.  Audit event names must be uniquely defined and cannot be longer than 45 characters (as defined by MAX_ALIAS_LEN in <sys/audit.h>). 

FILES

/var/security/auevent Contains the valid audit events

SEE ALSO

getaeent(3A), auevent(4), audit(4)

NOTES

Though the descriptions of audit events distributed with the system may be modified, their audit event IDs must not be changed.  The ability to change audit event IDs is intended for use only with new (locally created) audit events. 

(Security Enhancement)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026