Controlling Access to the Audit Daemon
You must control access to the audit daemon to prevent unauthorized application servers (the audit clients) from using it. If an unauthorized server is able to log its audit records, the audit storage space would be exhausted.
You control access to the audit daemon by editing the ACL of the audit daemon object, /.:/hosts/hostname/audit-server, using dcecp.
More:
DCE Permissions Supported by the DCE Audit Service
Initial ACL of the Audit Daemon
Giving Permissions to Audit Clients and Administrators