Gary Winiger writes: > > Here is the current list of audit events. The code to generate all of > > Hummm, for create prop and change prop where we record the > value, we probably should make that optional and not record > the value for protected properties. > Even though the audit trail is protected from non-administrative > access, passwords and crypto keys are never recorded there. > It's unknow what's in a protected property.
That's a good idea. > > Gary.. > > > In addition to the SMF specific audit events, the auditing > > framework, auditd(1M), records additional information such > > as: > > > > o time of event > > > > o user id and process id of program generating the event > > (for SMF this is the doors client of svc.configd) > > > > o an audit session > > Nit. Success or failure is also recorded by the infrastructure. > It is however signaled by the caller as to if it was a success > or failure. Yes, of course. I'll add that. Thanks for you feedback. tom
