Manualshelf

Safeguard Audit Service Manual (G06.29+, H06.08+, J06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series
61626364656667686970
Specifying Auditing
Safeguard Audit Service Manual 520480-031
2 - 31
Systemwide Process Auditing
AUDIT-DISKFILE-ACCESS-FAIL
specifies conditions for auditing unsuccessful attempts to access any volume,
subvolume, or disk file on the system. This setting supplements the individual audit
settings. The conditions can be ALL, NONE, LOCAL, or REMOTE. The default is
NONE.
If client auditing is enabled, this attribute also controls auditing for successful
file-system operations pertaining to volumes, subvolumes, and disk files.
AUDIT-DISKFILE-MANAGE-PASS
specifies conditions for auditing successful attempts to create or manage
authorization records for any volume, subvolume, or disk file on the system. This
setting supplements the individual audit settings. The conditions can be ALL,
NONE, LOCAL, or REMOTE. The default is NONE.
AUDIT-DISKFILE-MANAGE-FAIL
specifies conditions for auditing unsuccessful attempts to create or manage
authorization records for any volume, subvolume, or disk file on the system. This
setting supplements the individual audit settings. The conditions can be ALL,
NONE, LOCAL, or REMOTE. The default is NONE.
AUDIT-DISKFILE-PRIV-LOGON
specifies conditions for auditing attempts to perform a privlogon on the system.
This setting supplements the individual audit settings. The conditions can be ON or
OFF. The default is OFF.
To change any of these values, issue the ALTER SAFEGUARD command from
SAFECOM. For example, to specify auditing of successful and unsuccessful local
attempts to access any volume, subvolume, or disk file on the system:
=ALTER SAFEGUARD, AUDIT-DISKFILE-ACCESS LOCAL
Systemwide Process Auditing
You can configure systemwide auditing for all processes and subprocesses, regardless
of individual authorization records. Auditing can be performed at the LOCAL level, the
REMOTE level, or both levels (ALL).
This configuration attributes control systemwide process auditing:
AUDIT-PROCESS-ACCESS-PASS
specifies conditions for auditing successful attempt
s to access any process or
subprocess on the system. This setting supplements individual process or
subprocess audit settings. The conditions can be ALL, NONE, LOCAL, or REMOTE.
The default is NONE.
Note. This attribute is supported only on systems running H06.11 and later H-series RVUs.