1.\" Copyright (c) 2004 Apple Inc. 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. Neither the name of Apple Inc. ("Apple") nor the names of 13.\" its contributors may be used to endorse or promote products derived 14.\" from this software without specific prior written permission. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR 20.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 24.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 25.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26.\" POSSIBILITY OF SUCH DAMAGE. 27.\" 28.Dd March 17, 2004 29.Dt AUDIT_WARN 5 30.Os 31.Sh NAME 32.Nm audit_warn 33.Nd "alert when audit daemon issues warnings" 34.Sh DESCRIPTION 35The 36.Nm 37script 38runs when 39.Xr auditd 8 40generates warning messages. 41.Pp 42The default 43.Nm 44is a script whose first parameter is the type of warning; the script 45appends its arguments to 46.Pa /etc/security/audit_messages . 47Administrators may replace this script: a more comprehensive one would take 48different actions based on the type of warning. 49For example, a low-space warning 50could result in an email message being sent to the administrator. 51.Sh FILES 52.Bl -tag -width ".Pa /etc/security/audit_messages" -compact 53.It Pa /etc/security/audit_warn 54.It Pa /etc/security/audit_messages 55.El 56.Sh SEE ALSO 57.Xr audit 4 , 58.Xr auditd 8 59.Sh HISTORY 60The OpenBSM implementation was created by McAfee Research, the security 61division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004. 62It was subsequently adopted by the TrustedBSD Project as the foundation for 63the OpenBSM distribution. 64.Sh AUTHORS 65.An -nosplit 66This software was created by McAfee Research, the security research division 67of McAfee, Inc., under contract to Apple Computer Inc. 68Additional authors include 69.An Wayne Salamon , 70.An Robert Watson , 71and SPARTA Inc. 72.Pp 73The Basic Security Module (BSM) interface to audit records and audit event 74stream format were defined by Sun Microsystems. 75