Auditable events

Covert channel events

Covert channel events are recorded only on systems running UNIX System V Release 4.1 Enhanced Security that have the Enhanced Security Utilities installed. Unless you are processing a log file from a system running that release, you will not see these events.

See the Auditing Covert Channels chapter of the Audit Trail Administrator's Guide for UNIX System V Release 4.1 Enhanced Security for detailed information on covert channels.

Covert channel events

Event Description Manual page Object audit
cov_chan_1 audit covert channels above threshold NA N
cov_chan_2 audit every occurrence of covert channels above threshold NA N
cov_chan_3 unused but reserved NA N
cov_chan_4 unused but reserved NA N
cov_chan_5 unused but reserved NA N
cov_chan_6 unused but reserved NA N
cov_chan_7 unused but reserved NA N
cov_chan_8 unused but reserved NA N 

 Event        Description                             Manual page   Object audit
 cov_chan_1   audit covert channels above threshold   NA            N
 cov_chan_2   audit every occurrence of covert        NA            N
              channels above threshold
 cov_chan_3   unused but reserved                     NA            N
 cov_chan_4   unused but reserved                     NA            N
 cov_chan_5   unused but reserved                     NA            N
 cov_chan_6   unused but reserved                     NA            N
 cov_chan_7   unused but reserved                     NA            N
 cov_chan_8   unused but reserved                     NA            N
© 1999 The Santa Cruz Operation, Inc. All rights reserved.
UnixWare 7 Release 7.1.1 - 5 November 1999