Safeguard Audit Service Manual (G06.24+, H06.03+)
Managing the Audit Trail
Safeguard Audit Service Manual—520480-014
designated as the currently active audit pool until another audit pool is added and
selected. After additional audit pools are added and one of them is selected,
$SYSTEM.SAFE remains in the audit trail as a secondary audit pool; it is used in
certain situations to record audit data if the currently active audit pool fills up or
becomes unavailable due to a disk failure.
For each audit pool, you can specify configuration attributes to control the number and
size of the audit files in the audit pool. You can specify these attributes at the time the
audit pool is added with the ADD AUDIT POOL command, and you can change them
later with the ALTER AUDIT POOL command.
The audit service secures the audit files so that the super ID owns the files and has
sole access to them. If necessary, you can add these files to the Safeguard database
and protect them with an access control list so that security auditors and other
authorized users can read them.
Audit Service Commands
Table 3-1 summarizes the audit commands and lists them in the order in which they
are typically used. These commands are discussed in further detail after the table. For
detailed syntax of these commands, see Section 4, Audit Service Command Syntax.
Table 3-1. SAFECOM Audit Service Commands

Command               Description
--------------------  ------------------------------------------------------------
ADD AUDIT POOL        Defines a new audit pool.
SELECT                Selects a previously defined audit pool as the current audit
                      pool or next audit pool.
ALTER AUDIT SERVICE   Specifies the action to be taken if the audit files are
                      filled or if access to the audit pool is interrupted; also
                      controls caching of audit records.
ALTER AUDIT POOL      Changes the disk allocation parameters for a specified audit
                      pool.
NEXTFILE              Closes the current audit file and opens the next audit file
                      in the current audit pool.
RELEASE               Releases one or more specified audit files for reuse.
DELETE AUDIT POOL     Deletes a specified audit pool.
INFO AUDIT POOL       Displays status information about one or more audit pools.
INFO AUDIT SERVICE    Displays status information about the audit service.