selogrcd Daemon Collect Audit Records
Valid on UNIX
capamsc141
Valid on UNIX
Collector daemon for the
PAM Server Control
log routing system.Note:
selogrcd does not work in IPv6-only environments.The
PAM Server Control
log routing daemons, selogrd and selogrcd, provide system administrators with convenient, selective access to the audit log records.The selogrcd utility is the collection daemon. This daemon collects the selected audit log records sent by various satellite systems and stores them in the audit collection file. The default file is
ACInstallDir
/log/seos.collect.audit.Two tokens enhance audit collection file management. Both tokens are in the [selogrd] section of the seos.ini file
- Use the Caudit_size token to specify the maximum size of the audit collection file. When the file reaches this size,PAM Server Controlcreates a backup file and opens a new file.
- Use the CbackUp_Date token to specify an automatic backup interval and timestamp for the audit collection file.
You can force selogrcd to start a new audit file by sending it a USR1 signal. Once you have the selogrcd process ID, send it a USR1 signal using a kill command such as:
kill -USR1 processID
When it receives a USR1 signal, selogrcd renames the existing audit file to
ACInstallDir
/log/seos.collect.bak and creates an audit file. You can also use a cron job to perform this task periodically. A sample script that performs this task is provided in the directory ACInstallDir
/samples/selogrcd. You can expand the functionality of the selogrcd daemon by writing programs at your site that use the APIs provided with
PAM Server Control
. For more information, see the SDK Guide
.This command has the following format:
selogrcd [-d] [-l lock-file-name]
- -dSpecifies the debug mode. In this mode, selogrcd does not become a daemon. It sends debug information to the terminal.
- -hDisplays the help for this utility.
- -llock-file-nameSpecifies the name of the lock file to be used (lock-file-name). By default, selogrcd uses the fileACInstallDir/lock/selogrcd.If you set selogrd to work on a different log file (such as a PMDB log file), the lock file has an extension based on the PMDB name or the data file name that was used as the parameter for the selogrd command.