[Solaris 10] Setting audit logs for different events. Help ME!!!!!


    Hi guys.

    I have to set audit logs on certain events on a solaris 10 server.

    While I had no problems on linux, I'm going crazy to do the same thing on solaris 10, since I don't have enough expertise on this OS .

    I should be able to identify these 4 different events:


    1: Tracking all the activities performed by root account

    2: Tracking all privilege escalation performed by sudo or su command

    3: Tracking all account removal/add in the system

    4: Detects system time changes which are not done by a local service or a service account.


    Can you give me a hand? Thanks a lot to everyone!