Thursday, 16 April 2015

Basic Audit Reporting Tool

 Basic Audit Reporting Tool (BART)



propose auditing. There is a small but cool tool in Solaris. It solves the problem of "No, I haven't changed anything on the system". It's called BART, the Basic Audit Reporting Tool. It is a really simple tool and it's really easy to use.

Usage

Okay, let's assume after some days of work you finally configured all components of your new system. Okay, create a nice place to store the output of the bart tool. After this you start bart for the first time to create the first manifest of your system.

# mkdir /bart-files

# bart create -R /etc > /bart-files/etc.control.manifest

The manifest stores all information about the files. This is the example for <code>/etc/nsswitch.nisplus</code>:

# cat /bart-files/etc.control.manifest | grep "/nsswitch.nisplus"
/nsswitch.nisplus F 2525 100644 user::rw-,group::r--,mask:r--,other:r-- 473976b5 0 3 79e8fd689a5221d1cd059e5077da71b8

Now let's change some files:

# touch /etc/thisisjustatest

# chmod 777 /etc/nsswitch.files

# echo "# just a test" >> /etc/nsswitch.nisplus

Okay, enough changes. Let's create a new manifest of the changed /etc. Redirect it to a different file.

# bart create -R /etc > /bart-files/etc.check20080202.manifest

Now we can compare the baseline manifest with the actual manifest.

# cd /bart-files
# bart compare etc.control.manifest etc.check20080202.manifest

This command prints all differences between the two manifests and thus the difference between the two states of the system:

/nsswitch.files:
  mode control:100644 test:100777
  acl control:user::rw-,group::r--,mask:r--,other:r-- test:user::rwx,group::rwx,mask:rwx,other:rwx
/nsswitch.nisplus:
  size control:2525 test:2538
  mtime control:473976b5 test:47a44862
  contents control:79e8fd689a5221d1cd059e5077da71b8 test:3f79176ec352441db11ec8a3d02ef67c
/thisisjustatest:
  Add

 A really nice tool.
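
An added example (not part of the original post): a shell function that reads the default bart compare output shown above and ranks each change, so that a mode change to world-writable or setuid stands out from routine size and mtime drift. The names bart_triage and sample_compare and the HIGH/REVIEW/INFO labels are this example's own convention, and "delete" is assumed to be the counterpart of "add" for removed files.

```shell
#!/bin/sh
# Added example: triage `bart compare` output (default multi-line form).
# HIGH/REVIEW/INFO are labels invented for this example, not BART output.

bart_triage() {
    awk '
    /^\// { path = $1; sub(/:$/, "", path); next }   # "/file:" opens a record
    NF == 0 { next }
    {
        attr = tolower($1); c = ""; t = ""
        for (i = 2; i <= NF; i++) {                  # pick up control:/test: values
            if ($i ~ /^control:/) c = substr($i, 9)
            if ($i ~ /^test:/)    t = substr($i, 6)
        }
        if (attr == "add" || attr == "delete") {     # "delete" is an assumption
            print "REVIEW " path " " attr
        } else if (attr == "mode") {
            # last octal digit = "other" perms; 4th from the end = setuid/setgid/sticky
            ow_c = substr(c, length(c), 1);     ow_t = substr(t, length(t), 1)
            sp_c = substr(c, length(c) - 3, 1); sp_t = substr(t, length(t) - 3, 1)
            if (ow_t ~ /[2367]/ && ow_c !~ /[2367]/)
                print "HIGH " path " became world-writable (" c " -> " t ")"
            else if (sp_t ~ /[2-7]/ && sp_c !~ /[2-7]/)
                print "HIGH " path " gained setuid/setgid (" c " -> " t ")"
            else
                print "REVIEW " path " mode " c " -> " t
        } else if (attr == "contents" || attr == "uid" || attr == "gid" || attr == "acl") {
            print "REVIEW " path " " attr " " c " -> " t
        } else {
            print "INFO " path " " attr " changed"   # size, mtime, ...
        }
    }'
}

sample_compare() {   # the compare output from this page, used as sample input
    cat <<'EOF'
/nsswitch.files:
  mode control:100644 test:100777
  acl control:user::rw-,group::r--,mask:r--,other:r-- test:user::rwx,group::rwx,mask:rwx,other:rwx
/nsswitch.nisplus:
  size control:2525 test:2538
  mtime control:473976b5 test:47a44862
  contents control:79e8fd689a5221d1cd059e5077da71b8 test:3f79176ec352441db11ec8a3d02ef67c
/thisisjustatest:
  Add
EOF
}

sample_compare | bart_triage
```

On a live system the input would come from bart compare itself, for example: bart compare etc.control.manifest etc.check20080202.manifest | bart_triage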