Safeguard Administrator's Manual (G06.29+, H06.08+, J06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

131

132

133

134

135

136

137

138

139

140

Configuration

Safeguard Administrator’s Manual—523317-029

9-22

Configuring Device Auditing

These Safeguard attributes relate to user authentication auditing:

AUDIT-AUTHENTICATE-PASS

Successful user and alias logon attempts are audited. This setting supplements the

audit settings in the user or alias authentication record. The conditions can be ALL,

NONE, or LOCAL. The default is NONE.

AUDIT-AUTHENTICATE-FAIL

Unsuccessful user and alias logon attempts are audited. This setting supplements

the audit settings in the user or alias authentication record. The conditions can be

ALL, NONE, or LOCAL. If set to ALL, logon attempts with invalid user IDs are also

audited. The default is NONE.

AUDIT-SUBJECT-MANAGE-PASS

Successful attempts to create or manage a user or alias authentication record or a

group definition record are audited. This setting supplements the audit settings in

the user or alias record. The conditions can be ALL, NONE, LOCAL, or REMOTE.

The default is NONE.

AUDIT-SUBJECT-MANAGE-FAIL

Unsuccessful attempts to create or manage a user or alias authentication record or

a group definition record are audited. This setting supplements the audit settings in

the user or alias record. The conditions can be ALL, NONE, LOCAL, or REMOTE.

The default is NONE.

To change any of these values, issue the ALTER SAFEGUARD command from

SAFECOM. For example, to audit successful and unsuccessful local logon attempts:

=ALTER SAFEGUARD, AUDIT-AUTHENTICATE LOCAL

Note the use of audit specification shorthand in this command. For more information,

see the Safeguard Audit Service Manual.

Configuring Device Auditing

You can configure systemwide auditing of all nondisk devices in addition to the audit

settings in the individual device authorization records. Devices can be audited at the

local level, at the remote level, or at both levels (ALL).

These Safeguard attributes relate to device auditing:

AUDIT-DEVICE-ACCESS-PASS

Successful attempts to access all devices or subdevices on the system are

audited. This setting supplements the audit settings for individual devices or

subdevices. The conditions can be ALL, NONE, LOCAL, or REMOTE. The default

is NONE.