Manualshelf

Managing Systems and Workgroups: A Guide for HP-UX System Administrators

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1.6 Technical Computing (TCOE) LTU
791792793794795796797798799800
Administering a System: Managing System Security
Auditing a Trusted System
Chapter 8794
Table 8-3 Audit Event Types and System Calls
Event Type Description of Action Associated System Calls
admin Log all administrative and
privileged events
acct (2), adjtime (2), audctl (2), audswitch
(2), clock_settime (2), getksym (2),
getprivgrp (2), kload (2)
a
, modadm (2)
a
,
modload (2), modpath (2), modstat (2),
moduload (2), mpctl (2), plock (2), reboot
(2), sched_setparam (2),
sched_setscheduler (2), serialize (2),
setaudid (2), setaudproc (2),
setdomainname (2), setevent (2), sethostid
(2), setprivgrp (2), setrlimit (2),
setrlimit64 (2), settimeofday (2), spuctl
(2)
a
, stime (2), swapon (2), toolbox (2)
a
,
utssys (2)
a
close Log all closings of objects (file
close, other objects close)
close (2), ksem_close (2)
a
, mq_close (2),
munmap (2)
create Log all creations of objects
(files, directories, other file
objects)
creat (2), mkdir (2), mknod (2), msgget
(2), pipe (2), semget (2), shmat (2), shmget
(2), symlink (2)
delete Log all deletions of objects
(files, directories, other file
objects)
ksem_unlink (2)
a
, mq_unlink (2), msgctl
(2), rmdir (2), semctl (2), shm_unlink (2)
ipcclose Log all ipc close events fdetach (3C), shutdown (2)
ipccreat Log all ipc create events
bind (2), socket (2), socket2 (2)
a
,
socketpair (2), socketpair2 (2)
a
ipcopen Log all ipc open events accept (2), connect (2), fattach (3C)