Bob,
> I was wondering if anyone has run into this. I have two TX systems,
> each with the same BSM configuration, that has zonename enabled.
I'm not sure where this all ended up. I saw a lot of commentary
about networking. That all seemed unrelated to the question
I thought you were asking:
If I have two systems identically configured for auditing
and one has a single IP address for the global and all labeled
zones. And the other has multiple IP addresses for labeled
zones, should the audit trail (recorded only in the Global
Zone) be substatively different?
The answer is no. As TX ships it is configured in the global
zone (audit_startup(1m)) with the -perzone policy. No labeled
zone should generate a separate audit trail. An GZ admin
can, of course, misconfigure the system.
As Darren typoed and you caught, in the GZ ask
auditconfig -getpolicy and you should not see "perzone"
in the list of policies.
Gary..
