audit(2)

NAME

     audit - write a record to the audit log

SYNOPSIS

     cc [ flag ... ] file ... -lbsm -lsocket -lnsl -lintl [ library... ]
     #include <sys/param.h>
     #include <bsm/audit.h>

     int audit(caddr_t record, int length);

DESCRIPTION

     The  audit() function is used to write a record to the  sys-
     tem audit log.  The data pointed to by  record is written to
     the log after a minimal  consistency check, with the  length
     parameter  specifying the size of the record  in bytes.  The
     data should be a well-formed audit  record as  described  by
     audit.log(4).

     The kernel  validates  the  record  header  token  type  and
     length,   and  sets  the time stamp value before writing the
     record to the  audit  log.   The  kernel  does  not  do  any
     preselection for  user-level generated events.  If the audit
     policy is set to  include sequence or  trailer  tokens,  the
     kernel will append  them to the record.

RETURN VALUES

     Upon successful completion, 0 is returned.    Otherwise,  -1
     is returned and  errno is set to indicate the error.

ERRORS

     The audit() function will fail if:

     EFAULT
           The record argument points outside the process's allo-
           cated address space.

     EINVAL
           The record header token ID is invalid or the length is
           either less than the header token size or greater than
           MAXAUDITDATA.

     EPERM The process's effective user ID is not superuser.

USAGE

     Only the superuser can successfully execute this call.

ATTRIBUTES

     See attributes(5) for descriptions of the  following  attri-
     butes:

     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Interface Stability         | Stable                      |
    |_____________________________|_____________________________|
    | MT-Level                    | MT-Safe                     |
    |_____________________________|_____________________________|

SEE ALSO

     bsmconv(1M),  auditd(1M),  auditon(2),  auditsvc(2),  getau-
     dit(2), audit.log(4), attributes(5)

NOTES

     The functionality described in this man  page  is  available
     only  if  the  Basic Security Module (BSM) has been enabled.
     See bsmconv(1M) for more information.
Man(1) output converted with man2html