File Formats                                       audit_event(4)

NAME
     audit_event - audit event definition and class mapping

SYNOPSIS
     /etc/security/audit_event

DESCRIPTION
     /etc/security/audit_event  is  an  ASCII  system  file  that
     stores  event  definitions  and specifies the event to class
     mappings. Programs  use  the  getauevent(3BSM)  routines  to
     access this information.

     The fields for each event entry  are  separated  by  colons.
     Each event is separated from the next by a newline.

     Each entry in the audit_event file has the form:

          number:name:description: flags

     The fields are defined as follows:

     number
           The event number.

     name  The event name.

     description
           The description of the event.

     flags Flags specifying classes to which the event is mapped.

EXAMPLES
     Example 1: Sample of the audit_event file entries.

     Here is a sample of the  audit_event file entries:

            7:AUE_EXEC:exec(2):pc,ex
            79:AUE_OPEN_WTC:open(2) - write,creat,trunc:fc,fd,fw
            6152:AUE_login:login - success or failure:lo
            6153:AUE_logout:logout:lo
            6154:AUE_telnet:login - through telnet:lo
            6155:AUE_rlogin:login - through rlogin:lo

FILES
     /etc/security/audit_event

SEE ALSO
     bsmconv(1M), getauevent(3BSM), audit_control(4)

SunOS 5.8           Last change: 31 Dec 1996                    1

File Formats                                       audit_event(4)

NOTES
     The functionality described in this man  page  is  available
     only  if  the  Basic Security Module (BSM) has been enabled.
     See bsmconv(1M) for more information.

SunOS 5.8           Last change: 31 Dec 1996                    2