Tracking file access in Solaris

Posted on 2011-09-15
Last Modified: 2012-06-27

I started at a new gig who is running Solaris and they need to know of a way to track when files have been accessed, changed or deleted and by whom.  Is there any package that can do that?


Question by:Ben Conner
LVL 21

Expert Comment

ID: 36547165
AIDE should be able to do what you want.

Here is a link to get it going on Solaris 10

Author Comment

by:Ben Conner
ID: 36547191
Hi Papertrip,

This will answer the question of who modified and/or deleted a file?   From the writeup I can see where it can detect a file that's been altered, but no mention of which account did it.  Am I missing something?

LVL 21

Expert Comment

ID: 36547214
I'm not sure if there is anything out there that will do exactly that.  AIDE is meant to be a tool to use in conjunction with the usual stuff, it's basically open source Tripwire.
LVL 48

Accepted Solution

Tintin earned 500 total points
ID: 36547350
You can use Solaris Basic Security Mode (BSM), which is a native Solaris package for auditing all types of things.

man bsm

for more info

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

LVL 76

Expert Comment

ID: 36547352
Subversion/cvs might be what you are looking for.  Access to the file can only be obtained through them and they will maintain versioning as well as records of access.

depending on the file and what their purpose is.

is this a document management type of mechanism you are looking for?
LVL 21

Expert Comment

ID: 36547354
Interesting I never heard of that.  Will it report which user modified a specific file?
LVL 21

Expert Comment

ID: 36547355
Woops my last comment was @Tintin

Author Closing Comment

by:Ben Conner
ID: 36548971
Wow.  BSM looks like RACF on an IBM mainframe in terms of functionality.  This will definitely do what they wanted it to.

Thanks much!


Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

In tuning file systems on the Solaris Operating System, changing some parameters of a file system usually destroys the data on it. For instance, changing the cache segment block size in the volume of a T3 requires that you delete the existing volu…
This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now