OSF DCE Application Development Guide--Core Components

Chapter 33. DCE Audit Service

Audit plays a critical role in distributed systems. Adequate audit facilities are necessary

for detecting and recording critical events in distributed applications.

Audit, a key component of DCE, is provided by the DCE Audit Service.

This chapter provides an introduction to the DCE Audit Service.

33.1 Features of the DCE Audit Service

The DCE Audit Service has the following features:

• An audit daemon performs the logging of audit records based on speciﬁed criteria.

• Application programming interfaces (APIs) can be used as part of application server

programs to record audit events. These APIs can also be used to create tools that

analyze the audit records.

• An administrative command interface to the audit daemon directs the daemon in

selecting the events that are going to be recorded based on certain criteria.

• An event classiﬁcation mechanism is used to logically group a set of audit events for

ease of administration.

• Audit records can be directed to logs or to the console.

33.2 Components of the DCE Audit Service

The DCE Audit Service has three basic components:

• application programming interfaces (APIs)

Provide the functions that are used to detect and record critical events when the

application server services a client. The application programmer uses these functions

at code points in the application server program to actuate the recording of audit

events.

124245 Tandem Computers Incorporated 33−1