OSF DCE Application Development Guide--Core Components
DCE Audit Service
dce_aud_commit(at,ard,options,format,&outcome,&status);
acct_close() /* second code point */
/* Uses the event number for acct_close(),
* evt_vn_bank_server_acct_close */
dce_aud_start(evt_vn_bank_server_acct_close,
binding,options,outcome,&ard, &status);
if (ard) /* If events need to be logged */
dce_aud_put_ev_info(ard,info,&status);
if (ard) /* If events need to be logged */
dce_aud_commit(at,ard,options,format,&outcome,&status);
5. The programmer uses the dce_aud_close( ) API in the termination routine of the
application server. This API closes the audit trail file (and frees up memory) if the
applicaton server shuts down.
The coding of the application program to enable auditing is essentially complete at
this point.
33.4.2 Administrator Tasks
The following steps will be performed by the administrator to filter the audit events and
control the audit trail file.
1. The administrator obtains the event numbers corresponding to the events
represented by the code points in the bank server program from the programmer or
from the program’s documentation. These events and their assigned event
numbers are as follows:
acct_open( ) 0xC1000000
acct_close() 0xC1000001
acct_withdraw() 0xC1000002
acct_deposit( ) 0xC1000003
acct_transfer() 0xC1000004
2. The administrator decides to create two event classes: the
account_creation_operations class comprised of acct_open() and acct_close(),
and the account_balance_operations class comprised of acct_withdraw(),
acct_deposit( ), and acct_transfer( ).
3. The administrator decides to create two filters: one for all users within the cell (for
the cell /.:/torolabcell), and the other for all other users.
The filter for all users within the cell has the following guides:
a. Audit the events in the event class account_balance_operations only,
subject to the next condition.
124245 Tandem Computers Incorporated 33−9