Chat now with support
Chat with Support

Privilege Manager for Unix 6.1 Common Documents - Administration Guide

One Identity Privileged Access Suite for Unix Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager Variables Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures Privilege Manager programs Installation Packages

event

Description

Type string READONLY

event identifies the type of event logged by the policy server process. An event is logged when the policy server accepts or rejects a command. An event is also logged by the agent when a runcommand completes execution and an alert is raised.

Possible values are:

  • Accept
  • Reject
  • Finish
  • AlertRaised

This value is saved in the event log and can be viewed using pmlog.

Example
#Display all accepted events from the audit log 
pmlog –c 'event == "Accept"'
Related Topics

eventlog

eventloghost

exitdate

Description

Type string READONLY

exitdate is the date the requested command finished running. This is saved in the event log when the session exits, and can be viewed using pmlog.

Example
#Display all events that finished on 15 january 2009 
pmlog -c 'exitdate == "2009/01/15"'
Related Topics

exitstatus

exittime

exitstatus

Description

Type string READONLY

exitstatus contains the exit status of the runcommand. This variable is not available for use in the policy file. It is logged in the "Finish" event by pmlocald when the session ends.

Example
#Display all sh commands that failed to complete successfully
pmlog –c 'runcommand == "sh" && exitstatus != "Command finished with exit status 0"'
Related Topics

exitdate

exittime

exittime

Description
Type string READONLY

exittime is the time the requested command finished running (HH:MM:SS)

Example
#display all commands that finished after 6pm 
pmlog –c 'exittime > "18:00:00"'
Related Topics

exitstatus

exitdate

Related Documents