auditcmd(ADM)

Syntax

Description

auditcmd allows the following options:

-e

Enable the audit subsystem for audit record generation. The enabling of the audit subsystem initializes subsystem parameters from the /tcb/files/audit/audit_parms file. This file is established using the Audit manager selections or auditsh(ADM).

-s

Inform the audit subsystem that a system shutdown is in progress. The subsystem continues audit record generation to a temporary directory on the root file system. The audit daemon is also modified so that it survives the shutdown. The subsystem continues to generate audit records until disabled.

-d

Disable the audit subsystem. All audit record generation ceases and a termination record is written to the audit trail. This record results in the termination of the audit daemon. The subsystem properly synchronizes to ensure that the audit daemon has read all records from the audit trail before the system is allowed to terminate.

-m

Inform the audit subsystem that multi-user run state has been achieved and that alternate audit directories specified by the administrator using the Audit manager or auditsh are now mounted and available.

-c

Retrieve audit subsystem statistics from the audit device.

-q

Perform the specified option silently. Do not report errors attributable to the audit subsystem not being enabled at the moment.

Exit values

Authorization

See also

``Understanding the audit subsystem'' in the System Administration Guide

Standards conformance