Trusted Extensions and Auditing
On a system that is configured with Trusted Extensions software, auditing is configured
and is administered similarly to auditing on a Solaris system. However, the following
are some differences.
Trusted Extensions software adds audit classes, audit events, audit tokens, and audit policy options to the system.
By default, auditing is enabled in Trusted Extensions software.
Solaris per-zone auditing is not supported. In Trusted Extensions, all zones are audited identically.
Trusted Extensions provides administrative tools to administer the users' audit characteristics and to edit audit files.
Two roles, System Administrator and Security Administrator, are used to configure and administer auditing in Trusted Extensions.
The security administrator plans what to audit and any site-specific, event-to-class mappings. As in the Solaris OS, the system administrator plans disk space requirements for the audit files, creates an audit administration server, and installs audit configuration files.