HP-UX Reference (11i v2 07/12) - 1M System Administration Commands A-M (vol 3)
a
audusr(1M) audusr(1M)
NAME
audusr - select users to audit
SYNOPSIS
audusr [[-a user ] ...] [[
-d user ] ...] [-A-D]
DESCRIPTION
audusr is used to specify users to be audited or excluded from auditing. The
audusr command only
works for systems that have been converted to trusted mode.
To select users to audit on systems that have not been converted to trusted mode, the TrustedMigration
product needs to be installed and the
userdbset
command is used. See also audit(5), userdbset(1M),
userdb(4), and
AUDIT_FLAG in security(4).
If no arguments are specified, audusr
displays the audit setting of every user. audusr is restricted to
superusers.
Options
audusr recognizes the following options:
-a user Audit the specified user. The auditing system records audit records to the ‘‘current’’ audit
file when the specified user executes audited events or system calls. Use audevent to
specify events to be audited (see audevent(1M)).
-d user Do not audit the specified user.
-A Audit all users.
-D Do not audit any users.
The -A and -D options are mutually exclusive: that is, if -A is specified,
-d cannot be specified; if -D
is specified, -a cannot be specified.
Users specified with audusr are audited (or excluded from auditing) beginning with their next login ses-
sion, until excluded from auditing (or specified for auditing) with a subsequent audusr invocation. Users
already logged into the system when
audusr is invoked are unaffected during that login session; however,
any user who logs in after audusr is invoked is audited or excluded from auditing accordingly.
AUTHOR
audusr was developed by HP.
FILES
/tcb/files/auth/*/*
File containing flags to indicate whether users are audited.
SEE ALSO
audevent(1M), userdbset(1M), setaudproc(2), audswitch(2), audwrite(2), security(4), userdb(4), audit(5).
HP-UX 11i Version 2: December 2007 Update − 1 − Hewlett-Packard Company 79