auditdp.1m (2011 03)
a
auditdp(1M) auditdp(1M)
auditdp -p portable -M "./my_dpms_module" mydata
13. Enable the
follow and no_dns options for read, and the sync option for write. auditdp will
read data from
audit_trail without attempting to resolve the hostname from where the user was
logged in. auditdp will wait for and display audit data as it becomes available. Then
auditdp
will pipe the audit events to a script that converts the portable data into
syslog-like messages (one
line per event). See a sample script at
/opt/audit/AudReport/bin/audit_p2l
.
auditdp -r /var/.audit/audit_trail -o follow -o no_dns -P -O sync \
| audit_p2l
14. Extract login events and save the results in XML format. Then apply a stylesheet on the XML docu-
ment to generate the report in HTML format.
auditdp -p /var/.audit/portable/audit_trail \
-s "+event=file_ops" \
-X file_access_history.xml
java -cp /opt/hpws/xmltools/xalan-j/bin/xalan.jar \
org.apache.xalan.xslt.Process \
-IN file_access_history.xml \
-XSL audreport_file_access.xsl \
-OUT file_access_history.html
WARNINGS
In the current release, neither the auditdp command nor the Audit DPMS framework validates
whether or not a given -o or -O option is supported. Unrecognized options are ignored. Validation of
options may be supported in a future release.
AUTHOR
auditdp was developed by the Hewlett-Packard Company.
FILES
/etc/audit/dpms_filters
the default directory holding Audit DPMS filters for the auditdp command.
/opt/audit/AudReport/README
the file containing information about the scripts
/opt/audit/AudReport/bin/audreport_generator
a sample script that demonstrates how to use the auditdp command and the
XSLT stylesheets to generate a collection of web-based audit reports for regu-
lation compliance purpose
/opt/audit/AudReport/bin/audit_p2l
a sample script that demonstrates how to convert portable data into messages
/opt/audit/AudReport/bin/srp_auditdp_copy
if the HP-UX Containers product (HP-UX-SRP) is installed, this sample script
can be used to run auditdp(1M) to copy audit data to local SRPs
/opt/audit/AudReport/bin/srp_auditdp_global
if the HP-UX Containers product (HP-UX-SRP) is installed, this sample script
can be used to run auditdp(1M) to display audit events of all SRPs
/opt/audit/AudReport/xslts
the directory holding sample XSLT stylesheets
/var/opt/audit/AudReport
the default directory holding web-based audit reports
SEE ALSO
audisp(1M), audit_dpms_api(3), audit_dpms_spi(3), audit_dpms_filter(4), audit(5),
audit_hpux_portable(5), audit_hpux_raw(5), audit_hpux_xml(5).
4 Hewlett-Packard Company − 4 − HP-UX 11i Version 3: March 2011