Solved

Tracking file access in Solaris

Posted on 2011-09-15
8
373 Views
Last Modified: 2012-06-27
Hi,

I started at a new gig who is running Solaris and they need to know of a way to track when files have been accessed, changed or deleted and by whom.  Is there any package that can do that?

Thanks!

--Ben
0
Comment
Question by:Ben Conner
8 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36547165
AIDE should be able to do what you want.

Here is a link to get it going on Solaris 10
0
 

Author Comment

by:Ben Conner
ID: 36547191
Hi Papertrip,

This will answer the question of who modified and/or deleted a file?   From the writeup I can see where it can detect a file that's been altered, but no mention of which account did it.  Am I missing something?

--Ben
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36547214
I'm not sure if there is anything out there that will do exactly that.  AIDE is meant to be a tool to use in conjunction with the usual stuff, it's basically open source Tripwire.
0
 
LVL 48

Accepted Solution

by:
Tintin earned 500 total points
ID: 36547350
You can use Solaris Basic Security Mode (BSM), which is a native Solaris package for auditing all types of things.

man bsm

for more info

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 77

Expert Comment

by:arnold
ID: 36547352
Subversion/cvs might be what you are looking for.  Access to the file can only be obtained through them and they will maintain versioning as well as records of access.

depending on the file and what their purpose is.

is this a document management type of mechanism you are looking for?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36547354
Interesting I never heard of that.  Will it report which user modified a specific file?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36547355
Woops my last comment was @Tintin
0
 

Author Closing Comment

by:Ben Conner
ID: 36548971
Wow.  BSM looks like RACF on an IBM mainframe in terms of functionality.  This will definitely do what they wanted it to.

Thanks much!

--Ben
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now