diff options
| author | Robert Watson <rwatson@FreeBSD.org> | 2007-11-28 11:55:25 +0000 |
|---|---|---|
| committer | Robert Watson <rwatson@FreeBSD.org> | 2007-11-28 11:55:25 +0000 |
| commit | 0bd49d9eafad9cc265a53e701065d58b871530ec (patch) | |
| tree | d17db0bfe20ac5d61d6e8d5fc066a32acad96965 | |
| parent | f8c2899bf671ac667779f926e4b5c46aade35bae (diff) | |
Notes
| -rw-r--r-- | en_US.ISO8859-1/books/handbook/audit/chapter.sgml | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/en_US.ISO8859-1/books/handbook/audit/chapter.sgml b/en_US.ISO8859-1/books/handbook/audit/chapter.sgml index a39e63d88f..fdf50e5791 100644 --- a/en_US.ISO8859-1/books/handbook/audit/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/audit/chapter.sgml @@ -36,7 +36,7 @@ requirements. --> <see>MAC</see> </indexterm> - <para>FreeBSD 6.2-RELEASE and later include support for fine-grained + <para>&os; 6.2 and later include support for fine-grained security event auditing. Event auditing allows the reliable, fine-grained, and configurable logging of a variety of security-relevant system events, including logins, configuration @@ -191,9 +191,10 @@ requirements. --> <title>Installing Audit Support</title> <para>User space support for Event Auditing is installed as part of the - base &os; operating system as of 6.2-RELEASE. However, Event Auditing - support must be explicitly compiled into the kernel by adding the - following lines to the kernel configuration file:</para> + base &os; operating system. In &os; 6.3 and later, kernel support for + Event Auditing is compiled in by default. In &os; 6.2, support must be + explicitly compiled into the kernel by adding the following lines to + the kernel configuration file:</para> <programlisting>options AUDIT</programlisting> @@ -201,9 +202,9 @@ requirements. --> the kernel via the normal process explained in <xref linkend="kernelconfig">.</para> - <para>Once the kernel is built, installed, and the system has been - rebooted, enable the audit daemon by adding the following line to - &man.rc.conf.5;:</para> + <para>Once an audit-enabled kernel is built, installed, and the system + has been rebooted, enable the audit daemon by adding the following line + to &man.rc.conf.5;:</para> <programlisting>auditd_enable="YES"</programlisting> @@ -584,6 +585,10 @@ trailer,133</programlisting> <literal>return</literal> token indicates the successful execution, and the <literal>trailer</literal> concludes the record.</para> + <para>In &os; 6.3 and later, <command>praudit</command> also supports + an XML output format, which can be selected using the + <option>-x</option> argument.</para> + </sect2> <sect2> |