Enabling Basic Security Mode in Solaris 11

To configure Sun Solaris BSM in Solaris 11, you must enable Solaris Basic Security Mode and configure the classes of events the system logs to an audit log file.

1. Log in to Solaris 11 console as a superuser or root.
2. Start the audit service by typing the following command:

   audit -s

3. Set up the attributable classes by typing the following command:

   auditconfig -setflags lo,ps,fw

4. Set up the non-attributable classes by typing the following command:

   auditconfig -setnaflags lo,na

5. To verify that audit service starts, type the following command:

   /usr/sbin/auditconfig -getcond

   If the auditd process is started, the following string is returned:

   audit condition = auditing