Safeguard Audit Service Manual (G06.24+, H06.03+)
Managing the Audit Trail
Safeguard Audit Service Manual—520480-014
Establishing Security Groups
Initially, most audit service commands are restricted to members of the super group.
However, you should take advantage of the two Safeguard security groups—
SECURITY-ADMINISTRATOR and SYSTEM-OPERATOR—to establish roles and to
further restrict the use of the audit service. The SECURITY-ADMINISTRATOR
security group can issue all audit service commands except the NEXTFILE and
RELEASE commands. The SYSTEM-OPERATOR security group can issue all audit
service commands except the ALTER AUDIT SERVICE command.
After you create the security groups, the super group no longer has special privileges
regarding the audit service commands.
The security groups also restrict who can use other commands within the Safeguard
subsystem. For more information on security groups, see the Safeguard
Administrator’s Manual.
Defining and Managing the Audit Trail
Members of the SECURITY-ADMINISTRATOR security group are responsible for
defining and initializing the audit pools and for specifying audit recovery actions. Until
you define and select an audit pool, the Safeguard subsystem uses the predefined
audit pool on $SYSTEM.SAFE. Once the audit pools are defined, members of the
SYSTEM-OPERATOR security group can close and release the individual audit files
and select audit pools as appropriate.
The procedure for initializing and maintaining the audit files is as follows:
1. Use the ADD AUDIT POOL command to define the location and size of audit
pools.
2. Use the SELECT command to select a previously defined audit pool as the current
audit pool and, optionally, to select the next audit pool to be used.
3. Use the ALTER AUDIT SERVICE command to specify the actions to be taken if the
current audit pool becomes filled or inaccessible.
4. If necessary, use the ALTER AUDIT POOL command to change the disk allocation
parameters for an audit pool.
5. When you want to close the current audit file and open the next audit file, use the
NEXTFILE command.
6. When you no longer need to retain an audit file, use the RELEASE command to
purge the file, rename it, and mark it for reuse.
7. When you no longer need to retain a complete audit pool, use the DELETE AUDIT
POOL command to delete that audit pool.
8. Use the INFO AUDIT POOL and INFO AUDIT SERVICE commands as necessary
to obtain information about the audit pools and the audit service configuration.