By default, which directory does the audit_binfile plug-in write log files in, and what is the maximum size of each log file?
A. /var/adm/audit, 100 MB
B. /var/audit, 100 MB
C. /var/adm, no limit
D. /var/audit, no limit
E. /var/adm/audit, 16 EB
Correct Answer: D
Explanation/Reference:
Explanation:
* The following directives cause audit_binfile.so to be loaded, specify the directories for writing audit logs, and specify the percentage of required free space per directory.
auditconfig -setplugin audit_binfile active
"p_dir=/var/audit/jedgar/eggplant,/var/audit/jedgar.aux/eggplant, /var/audit/global/eggplant;p_minfree=20;p_fsize=4.5GB"
* The attributes specifying the configuration of audit_binfile plugin include:
p_dir
dir1[,dir2],.. [,dirn]
A list of directories, where the audit files will be created. Any valid writable directory can be specified.
p_fsize
The p_fsize attribute defines the maximum size that an audit file can become before it is automatically closed and a new audit file is opened. This is equivalent to an administrator issuing an audit -ncommand when the audit file size equals the value specified by the administrator. The default size is zero (0), which allows the file to grow without bound.
|
Download Printable PDF. VALID exam to help you PASS.
|
 |
D
By default, the /var/audit file system holds audit files for the audit_binfile plugin.
The default class preselection creates files in /var/audit that grow by about 80 bytes for every recorded instance of an event in the lo class, such as a login, logout, or role assumption.
By default, an audit file can grow to the size of the pool. For manageability, limit the size of the audit files.