Safeguard Audit Service Manual (G06.29+, H06.08+, J06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

161

162

163

164

165

166

167

168

169

170

SAFEART Field Descriptions

Safeguard Audit Service Manual — 520480-031

7 - 46

User Authentication Record

PatternNumSearch

specifies the number of pattern protection records searched and discarded before

determining the outcome. This count includes the final selected pattern, if any.

Field type is unsigned integer.

PatternReductionLevel

indicates how many levels of pattern reduction were used to determine the final

pattern. Field type is enumerated. Possible values are Collation and Initial.

PatternTsEnd

indicates when the pattern search ended. Field type is timestamp.

PatternTsStart

indicates when the pattern search began. Field type is timestamp.

User Authentication Record

The Safeguard subsystem maintains an authentication record for each user and alias

on the system. Attempts to add, delete, read, or change these records might be

audited, depending on whether auditing has been specified for such events.

If auditing is specified and an attempt is made to add, delete, or read an authentication

record, a secondary record is generated that contains an image of the authentication

record.

If auditing is specified and an attempt is made to change an authentication record, a

pair of secondary records is generated. One contains an image of the record before

the attempted change, and the other contains an image of the record showing the

attempted change.

For every image of an authentication record, there is a corresponding image of an

extension to the authentication record. This extension contains additional user

attributes. For more information, see

User Record Extensions on page 7-51.

These attributes appear in the secondary text area for a user or alias authentication

cord:

Aclentries

is a conditional structure that occurs only i

f DEFAULT-PROTECTION is defined for

the user. Each line represents a different ACL entry. The component items of each

line are described in

Protection Record on page 7-32. You cannot use these items

SET WHERE commands.

UserAuditAuthenFail

specifies conditions for auditing unsuccessful authentication attempt

s. This field

was previously called UserAuditAccessFail. SAFEART no longer accepts the old