audit verify
Verify the audit log records. This command displays details for the indicated file, or verifies records in the specified range from the named file.
NOTE If the log file is archived (tar or tgz) it must be untarred/unzipped before audit verify can work on records in that log. You cannot verify a ".tgz" file directly. The audit verify command is not able to verify a log that was in-progress when it was archived. Only logs from the ready_for_archive folder, logs that have been completed and closed, can be verified. This usually means that if you cannot verify the most recent log entry in an archive, then that same entry is probably the first log entry in the next archive, where it was properly closed and can be verified.
NOTE The audit commands appear only when LunaCM's active slot is set to the administrative partition.
Syntax
audit verify [start <start record>] [end <end record>] file <fully_qualified_filename> [details]
Argument(s) | Shortcut | Description |
---|---|---|
start | s | The index of the first record in file to verify. If this parameter is omitted, the first record in file is assumed. |
end | e | The index of the last record in file to verify. If this parameter is omitted, the last record in file is assumed. |
file | f | The fully-qualified name of file containing data to verify. This is the only mandatory parameter. |
details | d | Show details for file. This includes the first and last timestamps, first and last record sequence numbers, and total number of records in the file. |
Example
lunacm:>audit verify file hsm_66331_00000001.log details start 1 end 46
file /var/audit/66331/hsm_66331_00000001.log: 270541 records
first record: sequence number 1, timestamp NO HSM TIME
last record: sequence number 270540, timestamp 17/02/27 14:33:21
Verified messages 1 to 46
Command Result : No Error