Safeguard Audit Service Manual (G06.29+, H06.08+, J06.03+)
Contents
Safeguard Audit Service Manual — 520480-031
ii
3. Managing the Audit Trail
Auditing Attempts to Manage Protection Records 2-9
Examples 2-11
How Attempts to Manage Protection Records Are Audited 2-11
Auditing Events Performed by a Specific User 2-12
Example 2-13
Performance Considerations 2-13
Shorthand for Audit Attributes 2-14
Controlling Auditing of NonStop Client Events 2-15
Configuring Audit Exclusion of NonStop Client Events 2-19
OSS Auditing 2-25
Configuring Safeguard for Systemwide Auditing 2-27
The ALTER SAFEGUARD Command 2-28
The INFO SAFEGUARD Command 2-28
Systemwide Device Auditing 2-29
Systemwide Disk-File Auditing 2-30
Systemwide Process Auditing 2-31
Systemwide Auditing of All Objects 2-32
Systemwide Auditing for Users, Aliases, and Groups 2-33
Unconditional Auditing 2-35
ALTER SAFEGUARD and STOP SAFEGUARD Commands 2-35
Audit Service Commands 2-35
TERMINAL Commands 2-36
EVENT-EXIT-PROCESS Commands 2-36
3. Managing the Audit Trail
About the Audit Trail 3-1
Audit Service Commands 3-2
Establishing Security Groups 3-2
Defining and Managing the Audit Trail 3-3
Creating an Audit Pool 3-4
Selecting an Audit Pool 3-6
Specifying Audit Service Recovery 3-6
Altering the Audit Pool Disk Allocation 3-8
Closing an Audit File 3-8
Releasing Audit Files 3-9
Deleting Audit Files 3-9
Deleting an Audit Pool 3-9
Audit Pool Precautions During a Cold Start 3-10