Manualshelf

OSF DCE Application Development Guide--Core Components

ManualsBrandsHP ManualsServerHP NonStop G-Series
651652653654655656657658659660
DCE Audit Service
33.3.3 Events
An audit event is any event that an audit client wishes to record. Generally, audit events
involve the integrity of the system. For example, when a client withdraws cash from his
bank account, this can be an audit event.
An audit event is associated with a code point in the application server code.
The terms audit event, event, and auditable event are used interchangeably in this book.
33.3.3.1 Event Names and Event Numbers
Each event has a symbolic name as well as a 32-bit number assigned to it. Symbolic
names are used only for documentation in identifying audit events. In creating event
classes, the administrator uses the event numbers associated with these events.
Event numbers are 32-bit integers. Each event number is a tuple made up of a set-id and
the event-id. The set-id corresponds to a set of event numbers and is assigned by OSF to
an organization or vendor. The event-id identifies an event within the set of events. The
organization or vendor manages the issuance of the event ID numbers to generate an
event number.
Event numbers must be consecutive. That is, within a range of event numbers, no gaps in
the consecutive order of the numbers are allowed.
The structure and administration of event numbers can be likened to the structure and
administration of IP addresses. Recall that an IP address is a tuple of a network ID
(analogous to the set-id) and a host ID (analogous to the event-id). The format and
administration of event numbers are also analogous to IP addresses, as will be discussed
in the next sections.
33.3.3.2 Event Number Formats
Events numbers follow one of five formats (A to E), depending on the number of audit
events in the organization. The format of an event number can be determined from its
four high-order bits.
Format A can be used by large organizations (such as OSF or major DCE vendors) that
need more than 16 bits for the event-id. This format allocates 7 bits to the set-id and 24
bits to the event-id. Format A event numbers with zero (0) as its set-id are assigned to
OSF. That is, all event numbers used by OSF have a zero in the most significant byte.
Format B can be used by intermediate-sized organizations that need 8 to 16 bits for the
event-id.
Format C can be used by small organizations that need less than 8 bits for the event-id.
124245 Tandem Computers Incorporated 333