lsauditlogdumps

The lsauditlogdumps command generates a list of the audit log dumps that are available on the nodes in the cluster.

Syntax

Read syntax diagramSkip visual syntax diagram
>>- svcinfo -- -- lsauditlogdumps -- --+----------+-- ---------->
                                       '- -nohdr -'      

>--+-----------------------+-- --+-------------+---------------><
   '- -delim -- delimiter -'     +- node_id ---+   
                                 '- node_name -'   

Parameters

-nohdr
(Optional) By default, headings are displayed for each column of data in a concise style view, and for each item of data in a detailed style view. The -nohdr parameter suppresses the display of these headings.
Note: If there is no data to be displayed, headings are not displayed.
-delim delimiter
(Optional) By default in a concise view, all columns of data are space-separated. The width of each column is set to the maximum possible width of each item of data. In a detailed view, each item of data has its own row, and if the headers are displayed, the data is separated from the header by a space. The -delim parameter overrides this behavior. Valid input for the -delim parameter is a 1-byte character. If you enter -delim : on the command line, the colon character (:) separates all items of data in a concise view; for example, the spacing of columns does not occur. In a detailed view, the data is separated from its header by the specified delimiter.
node_id | node_name
(Optional) Specifies the node ID or name to list the available dumps of the given type. If you do not specify a node, the files on the current configuration node are displayed.

Description

This command lists the dump files that are in the /dumps/audit directory on the specified node, or on the configuration node if a node is not specified.

The cluster automatically creates the audit log. The audit log can also be created manually by issuing the svctask dumpauditlog command. The audit log comprises the files that are listed by the svcinfo lsauditlogdumps command. These files are limited to approximately 200 MB on each node in the cluster, at which point the oldest files are automatically deleted. When the configuration node changes to a different node in the cluster, any old audit log files are left on the former configuration node. As with other types of dumps, you can retrieve those files using the cpdumps command.

An invocation example 

svcinfo lsauditlogdumps

The resulting output 

id auditlog_filename
0 auditlog_0_229_060311234532_0000020060013d8a
1 auditlog_230_475_060312234529_0000020060013d8a
2 auditlog_476_491_060313234527_0000020060013d8a

Audit log dump file contents 

...
Auditlog Entry:23
Audit Sequence Number :138
Timestamp :Sat Mar 11 13:46:17 2006
:Epoch + 1142084777
SVC User :admin
SSH Label :Joe
ICAT User :
Result Object ID :
Result Code :0
Action Command :svctask chmdisk -name cc-2 9
Auditlog Entry:24
Audit Sequence Number :139
Timestamp :Sat Mar 11 13:46:32 2006
:Epoch + 1142084792
SVC User :admin
SSH Label :Joe
ICAT User :
Result Object ID :
Result Code :0
Action Command :svctask mkmdiskgrp -name custa-mdisks -ext
512 -mdisk ca-0:ca-1:ca-2
...
Parent topic: Audit log commands
Library | Support | Terms of use | Feedback
© Copyright IBM Corporation 2003, 2009. All Rights Reserved.