Safeguard Administrator's Manual (G06.29+, H06.08+, J06.03+)
Configuration
Safeguard Administrator’s Manual—523317-029
9-27
Configuring Audit Exclusion of NonStop Client
Events
generated based on the value of the AUDIT-AUTHENTICATE-PASS and AUDIT-
AUTHENTICATE-FAIL attributes.
When set to FALSE, audits for the TACL LOGOFF or TACL EXIT operations are
generated based on the value of the AUDIT-CLIENT-GUARDIAN, AUDIT-
PROCESS-ACCESS-PASS, and AUDIT-PROCESS-ACCESS-FAIL attributes. The
initial value is FALSE.
DYNAMIC-PROC-UPDATE
ON specifies that the process identity attributes (AUDIT-USER-ACTION-PASS,
AUDIT-USER-ACTION-FAIL, primary group, supplementary group list, and group
count) are updated dynamically when the audit and group attributes of the
corresponding user are modified.
The default value is OFF.
For more information about client subsystem auditing, see the Safeguard Audit Service
Manual.
Configuring Audit Exclusion of NonStop Client Events
You can filter generation of certain NonStop client audit events by using the
systemwide audit exclusion parameters regardless of individual and global audit
configuration settings. The filtering of audit events is based on the selected fields in the
audit report.
To exclude the events from being audited, you must provide a field name and its
appropriate values.
The following configuration attributes control systemwide audit exclusion:
AUDIT-EXCLUDE-FIELD
specifies the field name of an audit record. All NonStop client audit events
containing the specified field name are not generated by the Safeguard subsystem.
The default value is NONE.
Table 9-2
lists the different AUDIT-EXCLUDE-VALUES each AUDIT-EXCLUDE-
FIELD can take.
Note. The AUDIT-TACL-LOGOFF attribute is supported only on systems running J06.08
and later J-series RVUs, H06.19 and later H-series RVUs, and G06.32 and later G-series
RVUs.
Note. The DYNAMIC-PROC-UPDATE attribute is supported only on systems running
J06.10 and later J-series RVUs and H06.21 and later H-series RVUs.