FUJITSU SPARC M4000 User Manual
Page 337
XSCF> viewaudit
file,1,2006-04-26 21:37:25.626
+00:00,20060426213725.0000000000.SCF-4-0
header,20,1,audit - start,0.0.0.0,2006-04-26 21:37:25.660 +00:00
header,43,1,authenticate,0.0.0.0,2006-04-26 22:01:28.902 +00:00
authentication,failure,,unknown user,telnet 27652 0.0.197.33
header,37,1,login - telnet,0.0.0.0,2006-04-26 22:02:26.459 +00:00
subject,1,opl,normal,telnet 50466 10.18.108.4
header,78,1,command - setprivileges,0.0.0.0,2006-04-26
22:02:43.246 +00:00
subject,1,opl,normal,telnet 50466 10.18.108.4
command,setprivileges,opl,useradm
platform access,granted
return,0
Appendix B XSCF Log Information
B-11
In the example above, By default records are displayed in text format, one token
per line, with a comma as the field separator.
The following list displays the Token types and their data (in display order):
■
File Token
Label, version, time, filename
■
Header Token
Label, record byte count, version, event type, machine address, time (event
recorded)
■
Subject Token
Label, audit session ID, UID, mode of operation, terminal type, remote IP
address, remote port
■
Upriv Token
Label, success/failure
■
Udpriv Token
Label, success/failure, privilege name, domain1, ... , domainN
■
Command Token
Label, command name, argument1, ... , argumentN
■
Authentication Token
Label, authentication result, user name, message, terminal type, remote IP
address, remote port
■
Return Token
Label, return value