Information
To group a set of related audit events, the Solaris Audit service provides the ability for sites to define their own audit classes that contain just those events that the site wants to audit.
Rationale:
To simplify administration, a CIS specific audit class should be created.
Solution
To create the CIS audit class, edit the /etc/security/audit_class file and add the following entry before the last line of the file:
0x0100000000000000:cis:CIS Solaris Benchmark