I asked this:
>Is there a way to audit file systems so that every time a file gets
>touched, changed, deleted or moved, a log record is kept? I know this
>is possible in NT, but can you do it in Solaris 2.5.1?
>
>We are having a problem where someone or something is removing CAD
>files. Id like to know when they are being removed and by whom.
>
Some people suggested tripwire. It is public shareware.
Some suggested the audit_control(4) and bsmconv(1M) in solaris.
I dont think tripwire will get down to the file by file level I am
looking for, so I am going to try the audit_control software built into
solaris. It looks extrememly cryptic though.
Gary Franczyk
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:11 CDT