Software >> OS >> Unix >> Solaris >> 11 >> How to configure system log (syslog) as the audit message destination

example

# auditconfig -setplugin audit_syslog active p_flags=-lo,-ss,+pf

# vi /etc/syslog.conf

ensure following line present

audit.notice        /var/log/auditlog

# touch /var/log/auditlog

# svcadm refresh system/system-log

# audit -s