Safeguard Audit Service Manual (G06.24+, H06.03+)
Specifying Auditing
Safeguard Audit Service Manual—520480-014
2-18
OSS Auditing
OSS Auditing
The Safeguard audit attribute, AUDIT-CLIENT-OSS (ACO), controls if the OSS-related
audit records are written to the audit trail in most cases.
ACO Attribute
The ACO attribute is primarily used in combination with other attributes to control OSS
auditing. However, the following fileset-management audit outcome records are written
to the audit trail anytime when the ACO attribute is set to — start/stop fileset,
add/delete fileset, and alter fileset.
ACO and AUDIT-PROCESS-ACCESS-PASS/FAIL Attributes
If an AUDIT-PROCESS-ACCESS-PASS or AUDIT-PROCESS-ACCESS-FAIL attribute
is set, Safeguard authorization result records for OSS process start/stop attempts are
written to the audit trail.
If an AUDIT-PROCESS-ACCESS-PASS or AUDIT-PROCESS-ACCESS-FAIL attribute
and the ACO attribute are set, audit records are written to the audit trail for these
operations:
•
OSS process start/stop
•
OSS signal
•
OSS process setpgid/setsid
•
OSS process setuid/setgid
ACO and Fileset AUDITENABLED Attributes
If the fileset AUDITENABLED attribute and the ACO attribute are set, audit records are
written to the audit trail for these operations:
•
Guardian FILE_OPEN_ of OSS files
•
OSS opens/creates of OSS files
•
OSS pathname resolution
•
access authorization
•
chmod authorization
•
chown authorization
•
link authorization
•
rename authorization
Note. The OSS Auditing is supported only on systems running G06.29 and later G-series
RVUs and H06.08 and later H-series RVUs.