Manual page for PRAUDIT(8)
praudit - print contents of an audit trail file
SYNOPSIS
praudit
[
-lrs
] [
-ddel
] [
filename
...
]
AVAILABILITY
This program is available with the
Security
software installation option. Refer to
[a manual with the abbreviation INSTALL]
for information on how to install optional software.
DESCRIPTION
praudit
reads the listed
filenames
(or standard input, if no
filename
is specified)
and interprets the data as audit trail records as defined in
audit_control.5
By default, times, security labels, user and group
IDs
(UIDs
and
GIDs,
respectively)
are converted to their
ASCII
representation.
Record type and event fields are converted to long
ASCII
representation.
A maximum of 100 audit files can be specified on the command line.
OPTIONS
- -l
-
Print records one line per record.
The record type and event fields are always converted
to their short
ASCII
representation.
- -r
-
Print records in their raw form.
Times, security labels,
UIDs,
GIDs,
record types, and events are displayed as integers.
Currently, labels are not
used and are displayed as zero in this mode.
This option and the
-s
option are exclusive.
If both are used, a format usage error message is output.
- -s
-
Print records in their short form.
All numeric fields are converted to
ASCII
and displayed.
The short
ASCII
representations for the record type and event fields are used.
Security labels are displayed in their short representation.
Again, labels are not currently used.
This option and the
-r
option are exclusive.
If both are used, a format usage error message is output.
- -ddel
-
Use
del
as the field delimiter instead of the default delimiter, which is the comma.
If
del
has special meaning for the shell, it must be quoted.
The maximum size of a delimiter is four characters.
FILES
- /etc/passwd
-
SEE ALSO
audit.2
setuseraudit.2
getauditflags.3
audit_control.5
Created by unroff & hp-tools.
© somebody (See intro for details). All Rights Reserved.
Last modified 11/5/97