By managing the audit trail, you can monitor the actions of users on your network. Auditing can generate large amounts of data. The following tasks show you how to work with all this data.
How to Display Audit Record Formats
To write scripts that can find the audit data that you want, you need to know the order of tokens in an audit event. The bsmrecord command displays the audit event number, audit class, selection mask, and record format of an audit event.
Put the format of all audit event records in an HTML file.
The -a option lists all audit event record formats. The -h option puts the list in HTML format that can be displayed in a browser.
% bsmrecord -a -h > audit.events.html
When you display the *html file in a browser, use the browser's Find tool to find specific records.
No comments:
Post a Comment