Safeguard Audit Service Manual (G06.24+, H06.03+)
Specifying Auditing
Safeguard Audit Service Manual—520480-014
2-14
Controlling Auditing of NonStop Client Events
Controlling Auditing of NonStop Client Events
The Safeguard audit service can record security-relevant events generated by
NonStop privileged subsystems. These subsystems are known as clients. The audit
service receives event information from the clients and writes records to the audit trail
on their behalf. The content and format of audit records vary from one client to another.
The existence of audit records from clients might also vary from RVU to RVU.
The Safeguard configuration attribute AUDIT-CLIENT-GUARDIAN controls whether
client events are recorded. Possible values are ON and OFF. Initially, the attribute is
set to ON.
The Safeguard configuration attribute AUDIT-CLIENT-OSS controls the writing of the
audit records to the audit trial for these OSS object types:
•
ZSFG-VAL-OBJ-DIRECTORY
•
ZSFG-VAL-OBJ-FIFO
AUDIT-MANAGE-PASS
AUDIT-MANAGE-FAIL
AUDIT-MANAGE
AUDIT-AUTHENTICATE-FAIL
AUDIT-AUTHENTICATE-PASS
AUDIT-AUTHENTICATE
AUDIT-USER-ACTION-PASS
AUDIT-USER-ACTION-FAIL
AUDIT-USER-ACTION
For Safeguard Configuration
Complete Combination of Attributes Equivalent Shorthand
AUDIT-object-MANAGE-PASS
AUDIT-object-MANAGE-FAIL
AUDIT-object-ACCESS-PASS
AUDIT-object-ACCESS-FAIL
AUDIT-object
AUDIT-object-MANAGE-PASS
AUDIT-object-MANAGE-FAIL
AUDIT-object-MANAGE
AUDIT-object-ACCESS-PASS
AUDIT-object-ACCESS-FAIL
AUDIT-object-ACCESS
AUDIT-object-MANAGE-PASS
AUDIT-object-ACCESS-PASS
AUDIT-object-PASS
AUDIT-object-MANAGE-FAIL
AUDIT-object-ACCESS-FAIL
AUDIT-object-FAIL
AUDIT-SUBJECT-MANAGE-PASS
AUDIT-SUBJECT-MANAGE-FAIL
AUDIT-SUBJECT-MANAGE
AUDIT-AUTHENTICATE-FAIL
AUDIT-AUTHENTICATE-PASS
AUDIT-AUTHENTICATE
Table 2-1. Audit Attribute Shorthand (page2of2)
Note. For Safeguard configuration, object can be either DEVICE, DISKFILE, OBJECT, or PROCESS.