System Administration Guide: Security Services
Previous Next

Rights Profiles for Administering Auditing

The Solaris OS provides rights profiles for configuring the auditing service and for analyzing the audit trail.

  • Audit Control – Enables a role to configure Solaris auditing. This rights profile grants authorizations to configure files that are used by the auditing service. The profile also enables a role to run audit commands. A role with the Audit Control profile can run the following commands: audit, auditd, auditconfig, bsmconv, and bsmunconv.

  • Audit Review – Enables a role to analyze Solaris audit records. This rights profile grants authorization to read audit records with the praudit and auditreduce commands. A role with this rights profile can also run the auditstat command.

  • System Administrator – Includes the Audit Review rights profile. A role with the System Administrator rights profile can analyze audit records.

To configure roles to handle the auditing service, see Configuring RBAC (Task Map).

Previous Next