Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 444
  • Last Modified:

Solaris 9 CDE Authentication Logging

We have a need to log *ALL* login successes and failures in Solaris 9.

I've been able to get all command line logins to log.. no problemo....  however, no CDE activity logs... I can't seem to find a way to get CDE login successes and failures to write to syslog...



Help?!?!


0
ParadiseITS
Asked:
ParadiseITS
  • 3
2 Solutions
 
NukfrorCommented:
You should enable BSM for this.  Just google for "solaris bsm login audit" and you'll find all kinds of stuff.  An example is here:

http://www.deer-run.com/~hal/sysadmin/SolarisBSMAuditing.html
0
 
yuzhCommented:
Agreed with  Nukfror use BSM for the job, have a look at the following docs about BSM, to learn more:
http://www.boran.com/security/sp/Solaris_bsm.html
http://www.securityfocus.com/infocus/1362
http://abelew.web.wesleyan.edu/bsmaudit1.html
http://docs.sun.com     -- Search for BSM

0
 
ParadiseITSAuthor Commented:
So, to break down the BSM tool...    the document Nukfor sent seems to sum it up... so here is my understanding...  can anyone clarify if I've got it before I try it?


run the audit_startup script
then I can edit (using vi??) the audit_control file to:

dir:/var/audit
minfree:20
flags:lo
naflags:lo


and this will grab all login activity?

My thoughts were to setup a cron job to do the audit -n then archive the resulting logs off the server...  is this a sound plan?  Or am I missing something??

0
 
ParadiseITSAuthor Commented:
check that.. I meant run the bsmconv.. not audit_startup
0
 
ParadiseITSAuthor Commented:
I'm going to go ahead and close this, I have it working on my Virtual Machine so it's good enough to close the question -- thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now