Hitachi Dynamic Link Manager Software Users Guide for AIX (6.6) (T5208-96010, April 2011)

2. HDLM Functions

2.11 Collecting Audit Log Data

HDLM and other Hitachi storage-related products provide an audit log function so that

compliance with regulations, security evaluation standards, and industry-specific

standards can be shown to auditors and evaluators. The following table describes the

categories of audit log data that Hitachi storage-related products can collect.

Table 2-9: Categories of Audit Log Data that Can Be Collected

Category Explanation

StartStop An event indicating the startup or termination of hardware or software,

including:

• OS startup and termination

• Startup and termination of hardware components (including

micro-program)

• Startup and termination of software running on storage systems, software

running on SVPs (service processors), and Hitachi Command Suite

products

Failure An abnormal hardware or software event, including:

• Hardware errors

• Software errors (such as memory errors)

LinkStatus An event indicating the linkage status between devices:

• Link up or link down

ExternalService An event indicating the result of communication between a Hitachi

storage-related product and an external service, including:

• Communication with a RADIUS server, LDAP server, NTP server, or

DNS server,

• Communication with the management server (SNMP)

Authentication An event indicating that a connection or authentication attempt made by a

device, administrator, or end-user has succeeded or failed, including:

• FC login

• Device authentication (FC-SP authentication, iSCSI login authentication,

or SSL server/client authentication)

• Administrator or end-user authentication

AccessControl An event indicating that a resource access attempt made by a device,

administrator, or end-user has succeeded or failed, including:

• Device access control

• Administrator or end-user access control