Excerpts from transarc.external.info-afs: 4-Jun-94 More on security and
auditing Chris [EMAIL PROTECTED] (517)
> I've read the docs several times and am wondering how I might send a alert
> in this situation. Right now, it looks like I have to run something to
> periodically browse the logs. Obviously, I'd prefer a trap.
In this case, we generate an event for AIX's auditing facility. A
simple daemon can read the events from /dev/audit. That daemon can run
continuously: it will just block if there are no events to be read.
