PRAUDIT(8) System Manager's Manual PRAUDIT(8)
praudit - print contents of an audit trail file
praudit [ -lrs ] [ -ddel ] [ filename ... ]
This program is available with the Security software installation
option. Refer to for information on how to install optional software.
praudit reads the listed filenames (or standard input, if no filename
is specified) and interprets the data as audit trail records as defined
in audit_control(5). By default, times, security labels, user and
group IDs (UIDs and GIDs, respectively) are converted to their ASCII
representation. Record type and event fields are converted to long
ASCII representation. A maximum of 100 audit files can be specified on
the command line.
-l Print records one line per record. The record type and event
fields are always converted to their short ASCII representation.
-r Print records in their raw form. Times, security labels, UIDs,
GIDs, record types, and events are displayed as integers. Cur-
rently, labels are not used and are displayed as zero in this
mode. This option and the -s option are exclusive. If both are
used, a format usage error message is output.
-s Print records in their short form. All numeric fields are con-
verted to ASCII and displayed. The short ASCII representations
for the record type and event fields are used. Security labels
are displayed in their short representation. Again, labels are
not currently used. This option and the -r option are exclu-
sive. If both are used, a format usage error message is output.
-ddel Use del as the field delimiter instead of the default delimiter,
which is the comma. If del has special meaning for the shell,
it must be quoted. The maximum size of a delimiter is four
audit(2), setuseraudit(2), getauditflags(3), audit_control(5)
7 September 1988 PRAUDIT(8)