Safeguard Audit Service Manual (G06.29+, H06.08+, J06.03+)
Specifying Auditing
Safeguard Audit Service Manual — 520480-031
2 - 7
Auditing Attempts to Add Protection Records
Auditing Attempts to Add Protection Records
To specify auditing for attempts to add protection records of a given type, use the
AUDIT-ACCESS attributes in the appropriate OBJECTTYPE authorization record. The
Safeguard subsystem records the specified protection attempts in the current audit file.
specifies the conditions under which successful attempts to add a protection record of
a given type are recorded in the current audit file.
specifies the conditions under which unsuccessful attempts to add a protection record
of a given type are recorded in the current audit file.
The audit-spec variable for AUDIT-ACCESS-PASS and AUDIT-ACCESS-FAIL can
be any one of these four values:
ALL
All attempts to add a protection record of a given type are recorded in the current
audit file.
LOCAL
Only local attempts to add a protection record of a given type are recorded in the
current audit file.
REMOTE
Only remote attempts to add a protection record of a given type are recorded in the
current audit file. (A remote attempt is one made by a process started by a network
user logged on to a remote system. The process itself might be running on the
network user's system or on this system.)
NONE
No attempts to add a protection record of a given type are recorded in the current
audit file. NONE is the default value for both AUDIT-ACCESS-PASS and AUDIT-
ACCESS-FAIL.
Example
This example shows how the owner of the authorization record for OBJECTTYPE
DISKFILE can specify the auditing of all successful attempts to add protection records
for disk files:
=ALTER OBJECTTYPE DISKFILE, AUDIT-ACCESS-PASS all
AUDIT-ACCESS-PASS audit-spec
AUDIT-ACCESS-FAIL audit-spec