dumpauditlog

Description

This command dumps the contents of the audit log to a file on the current configuration node. It also clears the contents of the audit log. This command is logged as the first entry in the new audit log.

Audit log dumps are automatically maintained in the /dumps/audit directory. The local file system space is used by audit log dumps and is limited to 200 MB on any node in the clustered system. The space limit is maintained automatically by deleting the minimum number of old audit log dump files so that the /dumps/audit directory space is reduced below 200 MB. This deletion occurs once per day on every node in the system. The oldest audit log dump files are considered to be the ones with the lowest audit log sequence number. Also, audit log dump files with a clustered system ID number that does not match the current one are considered to be older than files that match the system ID, regardless of sequence number.

Other than by running dumps (or copying dump files among nodes), you cannot alter the contents of the audit directory. Each dump file name is generated automatically in the following format:

auditlog_firstseq_lastseq_timestamp_systemid

The audit log entries in the dump files contain the same information as displayed by the catauditlog command; however, the dumpauditlog command displays the information with one field per line. The lsdumps command displays a list of the audit log dumps that are available on the nodes in the clustered system.

Use this command to manually dump the contents of the in-memory audit log to a file on the current configuration node and clear the contents of the in-memory audit log. Use the catauditlog command to display the in-memory audit log.