System Accounting with audit

Description

The Basic Security Module (BSM) security audit API and file format is Apple's auditing system. The audit() function submits a record to the kernel for inclusion in the global audit trail. The record must already be in BSM format. To protect the integrity of the audit trail, this system call must be made with sufficient privileges. Libbsm can be used to create and manipulate BSM data. Length is the length in bytes of the BSM record and record points to the data. The audit service provides substantial capabilities for recording system activities. Secure networks often have substantial auditing requirements, and auditd can be configured to meet these requirements.