Solved

Solaris 9 CDE Authentication Logging

Posted on 2006-10-30
5
436 Views
Last Modified: 2013-12-27
We have a need to log *ALL* login successes and failures in Solaris 9.

I've been able to get all command line logins to log.. no problemo....  however, no CDE activity logs... I can't seem to find a way to get CDE login successes and failures to write to syslog...



Help?!?!


0
Comment
Question by:ParadiseITS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 10

Accepted Solution

by:
Nukfror earned 400 total points
ID: 17836859
You should enable BSM for this.  Just google for "solaris bsm login audit" and you'll find all kinds of stuff.  An example is here:

http://www.deer-run.com/~hal/sysadmin/SolarisBSMAuditing.html
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 100 total points
ID: 17838759
Agreed with  Nukfror use BSM for the job, have a look at the following docs about BSM, to learn more:
http://www.boran.com/security/sp/Solaris_bsm.html
http://www.securityfocus.com/infocus/1362
http://abelew.web.wesleyan.edu/bsmaudit1.html
http://docs.sun.com     -- Search for BSM

0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 17842093
So, to break down the BSM tool...    the document Nukfor sent seems to sum it up... so here is my understanding...  can anyone clarify if I've got it before I try it?


run the audit_startup script
then I can edit (using vi??) the audit_control file to:

dir:/var/audit
minfree:20
flags:lo
naflags:lo


and this will grab all login activity?

My thoughts were to setup a cron job to do the audit -n then archive the resulting logs off the server...  is this a sound plan?  Or am I missing something??

0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 17842217
check that.. I meant run the bsmconv.. not audit_startup
0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 17842672
I'm going to go ahead and close this, I have it working on my Virtual Machine so it's good enough to close the question -- thanks!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Suggested Courses

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question