System call mapping (UNIX)

Module: System Auditing

This check verifies that system calls are mapped to events as specified in the Event Maps template. This check is currently supported only on AIX, HP-UX, and Solaris operating systems. Use the file list to enable or disable the Event Maps templates.

The following table lists the error message for the check.

Table: Error message for System call mapping

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: STKU_EVENTMAP Category: Policy Compliance	UNIX (6145)	Title: Event map error Description:The system call specified is not mapped to the named event.	Severity: yellow-3 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [System Call: %s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_EVENTMAP

Category: Policy Compliance

UNIX (6145)

Title: Event map error

Description:The system call specified is not mapped to the named event.

Severity: yellow-3

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [System Call: %s]