praudit(1M)
NAME
praudit - print contents of an audit trail file
SYNOPSIS
praudit [-lrsx] [-ddel] [filename...]
DESCRIPTION
praudit reads the listed filenames (or standard input, if no
filename is specified) and interprets the data as audit
trail records as defined in audit.log(4). By default, times,
user and group IDs (UIDs and GIDs, respectively) are con-
verted to their ASCII representation. Record type and event
fields are converted to their ASCII representation. A max-
imum of 100 audit files can be specified on the command
line.
OPTIONS
The following options are supported:
-ddel Use del as the field delimiter instead of the default
delimiter, which is the comma. If del has special
meaning for the shell, it must be quoted. The maximum
size of a delimiter is three characters. The delimiter
is not meaningful and is not used when the -x option
is specified.
-l Print one line per record.
-r Print records in their raw form. Times, UIDs, GIDs,
record types, and events are displayed as integers.
This option and the -s option are exclusive. If both
are used, a format usage error message is output.
-s Print records in their short form. All numeric fields
are converted to ASCII and displayed. The short ASCII
representations for the record type and event fields
are used. This option and the -r option are exclusive.
If both are used, a format usage error message is out-
put.
-x Print records in XML form. Tags are included in the
output to identify tokens and fields within tokens.
Output begins with a valid XML prolog, which includes
identification of the DTD which can be used to parse
the XML.
FILES
/etc/security/audit_event
Audit event definition and class mappings.
/etc/security/audit_class
Audit class definitions.
/usr/share/lib/xml/dtd
Directory containing the verisioned DTD file refer-
enced in XML output, for example, adt_record.dtd.1.
/usr/share/lib/xml/style
Directory containing the versioned XSL file referenced
in XML output, for example, adt_record.xsl.1.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcsu |
|_____________________________|_____________________________|
| Interface Stability | See below |
|_____________________________|_____________________________|
The command stability is evolving. The output format is
unstable.
SEE ALSO
bsmconv(1M), audit(2), getauditflags(3BSM), audit.log(4),
audit_class(4), audit_event(4), group(4), passwd(4), attri-
butes(5)
NOTES
This functionality is available only if the Basic Security
Module (BSM) has been enabled. See bsmconv(1M) for more
information.
Man(1) output converted with
man2html