Solaris BART (Basic Auditing and Reporting Tool)

BART (Basic Auditing and Reporting Tool) provides the ability to determine file-level changes at a granular level within the Solaris 10 operating system. This is achieved via the creation of 2 manifest files (a control-manifest and test-manifest), each manifest catalogs the attributes of each file and then a comparison is run between the files and the subsequent discrepancies displayed. The option of a rules files is also supplied allowing the administrator to define which files, folders and attributes are to be cataloged and compared.

Configuring BART

Configuring BART requires:

1.    BART Installation
2.    Creation of a rules file
3.    Generating a control-manifest file
4.    Generating a test-manifest file
5.    Comparison of the control-manifest and test-manifest files.

BART Installation

BART is installed via the installation of the SUNWbart binary. This binary is normally found within the Solaris Installation CD.

pkgadd -i SUNWbart

Once the BART binary is installed it is also worth creating a BART directory in order to store your BART files.

mkdir /bart

Creation of a Rules File

The rules file will define which attributes and files are cataloged and compared against. Create a file within /bart named bart.rules.
Below is an example based on specifying the contents and time attributes for files within the /etc directly.

IGNORE all
CHECK contents mtime
/etc

Generating a control-manifest file

bart create -r /bart/bart.rules > /bart/bart.manifest

Generating a test-manifest file

bart create -r /bart/bart.rules > /bart/bart.manifest-`date ‘+%d%m%Y’`

Comparison of the control-manifest and test-manifest files.

Compare the 2 manifest files.

bart compare -r /bart/bart.rules -p /bart/bart.manifest /bart/bart.manifest-`date ‘+%d%m%Y’`

• Author
• Recent Posts

Rick Donato

Rick Donato is a Network Automation Architect/Evangelist and the founder of Packet Coders.

Latest posts by Rick Donato (see all)

• How to Configure a BIND Server on Ubuntu - March 15, 2018
• What is a BGP Confederation? - March 6, 2018
• Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018

Want to become a UNIX expert?

Here is our hand-picked selection of the best courses you can find online:
UNIX Administration Fundamentals
Vim Masterclass
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial