Manualshelf

Safeguard Audit Service Manual (G06.24+, H06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series
61626364656667686970
Audit Service Command Syntax
Safeguard Audit Service Manual520480-014
4-7
ALTER AUDIT SERVICE Command
DENY GRANTS
specifies that the Safeguard subsystem is to deny the granting of most
authorization and authentication requests that require auditing. The
only requests allowed are those that result in successful operations by
members of the security groups. If this action is specified, auditing is
redirected to the secondary audit pool $SYSTEM.SAFE.
Considerations
Before applying any recovery action, the audit service attempts to use the next
audit pool. Recovery actions are applied only if the next audit pool is undefined or
inaccessible.
If an overflow or down volume occurs and you have specified DENY GRANTS as
the recovery action, the audit service writes subsequent audit records to the audit
pool at $SYSTEM.SAFE.
After you have corrected the overflow or down volume, the Safeguard subsystem
resumes normal operation. However, audit records continue to be written to
$SYSTEM.SAFE until you issue a SELECT CURRENT AUDIT POOL command to
switch back to the primary audit pool.
RECYCLE does not apply to the predefined audit pool $SYSTEM.SAFE when it is
functioning as the secondary audit pool (as a result of DENY GRANTS).
RECYCLE does apply to $SYSTEM.SAFE if it is the currently active audit pool and
no overflow or down volume exists.
To resume auditing from a suspended state, perform either of these actions:
°
When the disk on which the audit pool resides becomes accessible, issue a
NEXTFILE command to select the next audit file in the audit pool. You might
first have to first use the RELEASE command to release the current audit file.
°
Add an audit pool to an accessible disk and then use the SELECT CURRENT
AUDIT POOL command to select that audit pool.
If the Safeguard subsystem is included with system generation, take these
precautions to prevent auditing from being suspended during a cold start of the
system:
Caution. If no space is available in the audit pool at $SYSTEM.SAFE, the current state
becomes DENY ALL GRANTS, and no activity requiring an audit is allowed to occur. You
cannot switch to another audit pool if this condition occurs. If you choose DENY GRANTS,
check that space is always available in $SYSTEM.SAFE.