Security and Auditing Library Functions getauevent(3BSM)
NAME
getauevent, getauevnam, getauevnum, getauevnonam,
setauevent, endauevent, getaueventr, getauevnamr,
getauevnumr - get auditevent entry
SYNOPSIS
cc [ flag... ] file... -lbsm -lsocket -lnsl [ library... ]
#include
#include
struct aueventent *getauevent(void);
struct aueventent *getauevnam(char *name);
struct aueventent *getauevnum(aueventt eventnumber);
aueventt getauevnonam(char *eventname);
void setauevent(void);
void endauevent(void);
struct aueventent *getaueventr(auevententt *e);
struct aueventent *getauevnamr(auevententt *e, char *name);
struct aueventent *getauevnumr(auevententt *e,
aueventt eventnumber);
DESCRIPTION
These functions document the programming interface for
obtaining entries from the auditevent(4) file. The
getauevent(), getauevnam(), getauevnum(), getauevent(),
getauevnam(), and getauevnum() functions each return a
pointer to an auditevent structure.
The getauevent() and getaueventr() functions enumerate
auditevent entries. Successive calls to these functions
return either successive auditevent entries or NUL.
SunOS 5.11 Last change: 25 Jun 2008 1
Security and Auditing Library Functions getauevent(3BSM)
The getauevnam() and getauevnamr() functions search for an
auditevent entry with eventname.
The getauevnum() and getauevnumr() functions search for an
auditevent entry with eventnumber.
The getauevnonam() function searches for an auditevent
entry with eventname and returns the corresponding event
number.
The setauevent() function ``rewinds'' to the beginning of
the enumeration of auditevent entries. Calls to getauev-
nam(), getauevnum(), getauevnonum(), getauevnamr(), or
getauevnumr() can leave the enumeration in an indeterminate
state. The setauevent() function should be called before the
first call to getauevent() or getaueventr().
The endauevent() function can be called to indicate that
auditevent processing is complete. The system can then
close any open auditevent file, deallocate storage, and so
forth.
The getaueventr(), getauevnamr(), and getauevnumr() func-
tions each take an argument e, which is a pointer to an
auevententt. This pointer is returned on a successful
function call. To assure there is enough space for the
information returned, the applications programmer should be
sure to allocate AUEVENTNAMEMAX and AUEVENTDESCMAX
bytes for the aename and acdesc elements of the
auevententt data structure.
The internal representation of an auditevent entry is an
aueventent structure defined in with the
following members:
aueventt aenumber
char *aename;
char *aedesc*;
auclasst aeclass;
RETURN VALUES
The getauevent(), getauevnam(), getauevnum(),
getaueventr(), getauevnamr(), and getauevnumr() functions
return a pointer to a aueventent structure if the
requested entry is successfully located. Otherwise they
SunOS 5.11 Last change: 25 Jun 2008 2
Security and Auditing Library Functions getauevent(3BSM)
return NUL.
The getauevnonam() function returns an event number of type
aueventt if it successfully enumerates an entry. Otherwise
it returns NUL, indicating it could not find the requested
event name.
FILES
/etc/security/auditevent file that maps audit event
numbers to audit event names
/etc/passwd file that stores user-ID to
username mappings
ATRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
ATRIBUTE TYPE ATRIBUTE VALUE
MT-Level MT-Safe with exceptions
The getauevent(), getauevnam(), and getauevnum() functions
are Unsafe. The equivalent functions getaueventr(),
getauevnamr(), and getauevnumr() provide the same func-
tionality and an MT-Safe function call interface.
SEE ALSO
bsmconv(1M), getauclassent(3BSM), getpwnam(3C),
auditclass(4), auditevent(4), passwd(4), attributes(5)
NOTES
All information for the getauevent(), getauevnam(), and
getauevnum() functions is contained in a static area, so it
must be copied if it is to be saved.
The functionality described on this manual page is available
only if the Solaris Auditing has been enabled. See
bsmconv(1M) for more information.
SunOS 5.11 Last change: 25 Jun 2008 3
|
