Safeguard Audit Service Manual (G06.24+, H06.03+)
Specifying Auditing
Safeguard Audit Service Manual—520480-014
2-4
Auditing Automatic Logoffs
3. If the supplied password matches the password in the authentication record, the
Safeguard subsystem checks the values of these attributes in the authentication
record:
STATUS frozen/thawed
USER EXPIRES date, time
PASSWORD EXPIRES date, time
4. If the current status is frozen, the user authentication record has expired, or the
user's password has expired, the logon attempt fails. (See the note following this
list.) When a logon attempt fails for any of these reasons, the value of the
AUDIT-AUTHENTICATE-FAIL attribute is checked to determine whether to record
the failed logon attempt in the current audit file.
5. If a logon attempt passes these checks, the AUDIT-AUTHENTICATE-PASS
attribute for that user name is checked to determine whether to record the logon
attempt in the current audit file. Then the logon attempt is allowed to complete
successfully.
Auditing Automatic Logoffs
If a user successfully logs on at a terminal where a previous user is logged on, the
Safeguard subsystem automatically logs off the previous user. Auditing for this type of
logoff is controlled by the AUDIT-AUTHENTICATE-PASS attribute of the logged off
user.
Auditing Attempts to Access Objects
To specify auditing for attempts to access a particular object, use the AUDIT-ACCESS
attributes in the authorization record for the object. The Safeguard subsystem records
the specified access attempts in the current audit file.
specifies the conditions under which successful attempts to access the object are
recorded in the current audit file.
specifies the conditions under which unsuccessful attempts to access the object are
recorded in the current audit file.
Note. If the group manager or the super ID attempts to log on as another user and
PASSWORD-REQUIRED is OFF, the logon succeeds without a password. Auditing is
performed if specified.
AUDIT-ACCESS-PASS audit-spec
AUDIT-ACCESS-FAIL audit-spec