Audit Trail Data

Audit Trail Data

File: time: 2009-10-16 15:58:22.316 -07:00

Event: login - ssh
time: 2009-10-16 15:58:37.407 -07:00 vers: 2 mod: host: quadra
SUBJECT audit-uid: benr uid: benr gid: staff ruid: benr rgid: staff pid: 20670 sid: 3623559241 tid: 7283 202240 lappy
RETURN errval: failure retval: Authentication failed
ZONE name: global
SEQUENCE seq-num: 1369

Event: login - ssh
time: 2009-10-16 15:58:40.902 -07:00 vers: 2 mod: host: quadra
SUBJECT audit-uid: benr uid: benr gid: staff ruid: benr rgid: staff pid: 20676 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1370

Event: execve(2)
time: 2009-10-16 15:58:40.911 -07:00 vers: 2 mod: host: quadra
PATH: /usr/bin/bash
ATTRIBUTE mode: 100555 uid: root gid: bin fsid: 128 nodeid: 5425 device: 0
EXEC_ARGS
arg: -bash
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: benr gid: staff ruid: benr rgid: staff pid: 20681 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1371

Event: execve(2)
time: 2009-10-16 15:58:40.918 -07:00 vers: 2 mod: host: quadra
PATH: /usr/lib/fs/ufs/quota
ATTRIBUTE mode: 104555 uid: root gid: bin fsid: 128 nodeid: 590 device: 0
EXEC_ARGS
arg: /usr/sbin/quota
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: root gid: staff ruid: benr rgid: staff pid: 20682 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1372

Event: execve(2)
time: 2009-10-16 15:58:40.934 -07:00 vers: 2 mod: host: quadra
PATH: /usr/bin/cat
ATTRIBUTE mode: 100555 uid: root gid: bin fsid: 128 nodeid: 286 device: 0
EXEC_ARGS
arg: /bin/cat
arg: -s
arg: /etc/motd
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: benr gid: staff ruid: benr rgid: staff pid: 20683 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1373

Event: execve(2)
time: 2009-10-16 15:58:40.938 -07:00 vers: 2 mod: host: quadra
PATH: /usr/bin/mail
ATTRIBUTE mode: 102511 uid: root gid: mail fsid: 128 nodeid: 395 device: 0
EXEC_ARGS
arg: /bin/mail
arg: -E
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: benr gid: mail ruid: benr rgid: staff pid: 20684 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1374

Event: execve(2)
time: 2009-10-16 15:58:50.236 -07:00 vers: 2 mod: host: quadra
PATH: /usr/gnu/bin/cat
ATTRIBUTE mode: 100555 uid: root gid: bin fsid: 128 nodeid: 34677 device: 0
EXEC_ARGS
arg: cat
arg: /etc/shadow
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: benr gid: staff ruid: benr rgid: staff pid: 20685 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1375

Event: execve(2)
time: 2009-10-16 15:58:57.629 -07:00 vers: 2 mod: host: quadra
PATH: /usr/gnu/bin/cat
ATTRIBUTE mode: 100555 uid: root gid: bin fsid: 128 nodeid: 34677 device: 0
EXEC_ARGS
arg: cat
arg: /etc/passwd
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: benr gid: staff ruid: benr rgid: staff pid: 20686 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1376

Event: execve(2)
time: 2009-10-16 15:58:59.605 -07:00 vers: 2 mod: host: quadra
PATH: /usr/bin/su
ATTRIBUTE mode: 104555 uid: root gid: sys fsid: 128 nodeid: 443 device: 0
EXEC_ARGS
arg: su
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: root gid: staff ruid: benr rgid: staff pid: 20687 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1377

Event: su
time: 2009-10-16 15:59:00.440 -07:00 vers: 2 mod: host: quadra
SUBJECT audit-uid: benr uid: root gid: staff ruid: benr rgid: staff pid: 20687 sid: 3415402787 tid: 7347 202240 lappy
TEXT: root
RETURN errval: failure retval: Authentication failed
ZONE name: global
SEQUENCE seq-num: 1378

Event: execve(2)
time: 2009-10-16 15:59:05.957 -07:00 vers: 2 mod: host: quadra
PATH: /usr/bin/su
ATTRIBUTE mode: 104555 uid: root gid: sys fsid: 128 nodeid: 443 device: 0
EXEC_ARGS
arg: su
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: root gid: staff ruid: benr rgid: staff pid: 20688 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1379

Event: su
time: 2009-10-16 15:59:06.696 -07:00 vers: 2 mod: host: quadra
SUBJECT audit-uid: benr uid: root gid: staff ruid: benr rgid: staff pid: 20688 sid: 3415402787 tid: 7347 202240 lappy
TEXT: root
RETURN errval: failure retval: Authentication failed
ZONE name: global
SEQUENCE seq-num: 1380

Event: execve(2)
time: 2009-10-16 15:59:13.437 -07:00 vers: 2 mod: host: quadra
PATH: /usr/bin/su
ATTRIBUTE mode: 104555 uid: root gid: sys fsid: 128 nodeid: 443 device: 0
EXEC_ARGS
arg: su
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: root gid: staff ruid: benr rgid: staff pid: 20689 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1381

Event: su
time: 2009-10-16 15:59:15.091 -07:00 vers: 2 mod: host: quadra
SUBJECT audit-uid: benr uid: root gid: root ruid: root rgid: root pid: 20689 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1382

Event: execve(2)
time: 2009-10-16 15:59:15.095 -07:00 vers: 2 mod: host: quadra
PATH: /usr/bin/bash
ATTRIBUTE mode: 100555 uid: root gid: bin fsid: 128 nodeid: 5425 device: 0
EXEC_ARGS
arg: bash
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: root gid: root ruid: root rgid: root pid: 20690 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1383

Event: execve(2)
time: 2009-10-16 15:59:21.254 -07:00 vers: 2 mod: host: quadra
PATH: /usr/gnu/bin/cat
ATTRIBUTE mode: 100555 uid: root gid: bin fsid: 128 nodeid: 34677 device: 0
EXEC_ARGS
arg: cat
arg: /etc/shadow
PATH: /lib/ld.so.1
ATTRIBUTE mode: 100755 uid: root gid: bin fsid: 128 nodeid: 4059 device: 0
SUBJECT audit-uid: benr uid: root gid: root ruid: root rgid: root pid: 20691 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1384

Event: su logout
time: 2009-10-16 15:59:32.439 -07:00 vers: 2 mod: host: quadra
SUBJECT audit-uid: benr uid: root gid: root ruid: root rgid: root pid: 20689 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1385

Event: logout
time: 2009-10-16 15:59:34.487 -07:00 vers: 2 mod: host: quadra
SUBJECT audit-uid: benr uid: benr gid: staff ruid: benr rgid: staff pid: 20676 sid: 3415402787 tid: 7347 202240 lappy
RETURN errval: success retval: 0
ZONE name: global
SEQUENCE seq-num: 1386

File: time: 2009-10-16 15:59:43.587 -07:00
/var/audit/20091016225943.not_terminated.quadra