Set Audit Commands

Use this group policy to specify commands to audit.

If this group policy is enabled, you can create a command list and specify whether each command in the list is audited. Commands in the command list that have an action of Enable are audited by the auditing agent. Commands in the command list that have an action of Disable are not audited by the auditing agent.

If this group policy is disabled or not configured, commands to be audited must be configured manually on each UNIX computer.

When you add a command to the list, you must specify the full path to the command. You cannot add a link, shell, or wrapper script to the command list.

To use this group policy:

1. Double-click the policy in the right pane of the Group Policy Management Editor.

2. On the Policy tab, select Enabled.

3. Click Show to add or remove a command to the Audit Commands list.

   The Show Contents dialog box opens.

4. In the Value Name field, enter the full UNIX path name of the command.

5. In the Value field, enter "Enable" or "Disable" to specify whether to enable or disable auditing for the command.

   Click OK to save the changes and exit the Show Contents dialog box.

6. Click Apply in the Set audit commands dialog box to save settings in this policy, and then click OK to close the dialog box.