The “SVC_PROP” audit check lets one interact with the
svcprop –p tool on a Solaris 10 system. This can be used to query properties associated with a specific service. The
service keyword is used to specify the service that is being audited. The
property keyword specifies the name of the property that we want to query. The
value keyword is the expected value of the property. The expected value can also be a regex.
svcprop_option field can be set to specify if the audited string being searched for is required to be present or not. This field access CAN_BE_NULL or CANNOT_BE_NULL as arguments.
description: "Check service status"
description: "Make sure FTP logging is set"
description: "Check if ipfilter is enabled – can be missing or not found"