On Thu, May 08, 2003 at 11:07:13PM +0000, Tina Bird wrote: > anyone out there using solaris BSM? i need a couple of examples of > records of root user activity, and damned if i can find any data > anywhere. Speaking of Solaris BSM -- anybody aware of a tool that listen to the audit log file, and forwards it to syslog or other destinations in near real-time? It could be useful for limiting the time gap of potential modification that periodic dumps with praudit or rsyncing of the binary files will leave. While such a tool probably wouldn't be well suited for 'heavy' auditing, it could work decently for selected audit events. -oddbjorn _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Tue May 20 2003 - 10:31:38 PDT