Safeguard Audit Service Manual (G06.29+, H06.08+, J06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

Specifying Auditing

Safeguard Audit Service Manual — 520480-031

2 - 16

Controlling Auditing of NonStop Client Events

service receives event information from the clients and writes records to the audit trail

on their behalf. The content and format of audit records vary from one client to another.

The existence of audit records from clients might also vary from RVU to RVU.

The Safeguard configuration attribute AUDIT-CLIENT-GUARDIAN controls whether

client events are recorded. Possible values are ON and OFF. Initially, the attribute is set

to ON.

The Safeguard configuration attribute AUDIT-CLIENT-OSS controls the writing of the

audit records to the audit trial for these OSS object types:

•

ZSFG-VAL-OBJ-DIRECTORY

•

ZSFG-VAL-OBJ-FIFO

•

ZSFG-VAL-OBJ-OSSDISKFILE

•

ZSFG-VAL-OBJ-OSSFILESET

•

ZSFG-VAL-OBJ-OSSPROCESS

•

ZSFG-VAL-OBJ-SOCKET

•

ZSFG-VAL-OBJ-SYMLINK

Possible values of the Safeguard configuration attribute AUDIT-CLIENT-OSS are ON

and OFF. Initially, the attribute is set to ON.

Because auditing of NonStop clients can consume considerable system resources and

add a large number of records to your audit files, you might want to configure the

Safeguard subsystem to disable client auditing.

To disable audits generated by guardian clients, issue this SAFECOM command:

=ALTER SAFEGUARD, AUDIT-CLIENT-GUARDIAN OFF

To disable audits generated by OSS client

s, issue this SAFECOM command:

=ALTER SAFEGUARD, AUDIT-CLIENT-OSS OFF

If you decide to leave client auditing (both Guardian and OSS) enabled, be aware that

some of the systemwide auditing attributes described in the following p

ages also affect

client auditing. For example, the AUDIT-PROCESS-ACCESS-PASS controls auditing for

successful client operations that pertain to processes and subprocesses.

Table

2-2 lists the common NonStop privileged subsystems or clients and the

corresponding audited objects and operations.

Note. The AUDIT-CLIENT-GUARDIAN attribute is a synonym for the AUDIT-CLIENT-

SERVICE attribute. The AUDIT-CLIENT-OSS attribute is supported only on systems running

G06.29 and later G-series RVUs and H06.08 and later H-series RVUs.

Note. If you leave client auditing enabled, be sure you have ad

equate system resources to

handle the additional audit activity.