Manualshelf

Safeguard Audit Service Manual (G06.29+, H06.08+, J06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series
61626364656667686970
Specifying Auditing
Safeguard Audit Service Manual 520480-031
2 - 34
Systemwide Auditing for Users, Aliases, and Groups
The conditions specified for this attribute also apply to the systemwide auditing of
automatic logoffs described in Auditing User Authentication Attempts on page 2-2.
AUDIT-AUTHENTICATE-FAIL
specifies conditions for auditing unsuccessful user and alias authentication
attempts on the system. This setting supplements the audit settings in individual
user and alias records. The conditions can be ALL, NONE, LOCAL or REMOTE. The
default is NONE.
If set to ALL, authentication attempts with invalid user IDs and user names are also
audited.
The configuration attribute that controls systemwide auditing of privlogon attempts is:
AUDIT-DISKFILE-PRIV-LOGON
specifies conditions for auditing privlogon attempts on the system. This setting
supplements the audit settings in the individual diskfile records. The conditions can
be ON or OFF. The default is OFF.
AUDIT-SUBJECT-MANAGE-PASS
specifies conditions for auditing successful attempts to create or manage any user,
alias, or group record on the system. This setting supplements any individual audit
settings in user and alias records. The conditions can be ALL, NONE, LOCAL, or
REMOTE. The default is NONE.
AUDIT-SUBJECT-MANAGE-FAIL
specifies conditions for auditing unsuccessful attempt
s to create or manage any
user, alias, or group record on the system. This setting supplements any individual
audit settings in user and alias records. The conditions can be ALL, NONE, LOCAL,
or REMOTE. The default is NONE.
AUDIT-OSS-FILTER
indicates if user level attributes, AUDIT-USER-ACTION-PASS and AUDIT-USER-
ACTION-FAIL, enable or disable OSS auditing. T
he AUDIT-OSS-FILTER
attribute takes effect only if the Safeguard global configuration attribute AUDIT-
CLIENT-OSS is enabled. The default is OFF.
Note. If REMOTE is specified for the AUDIT-AUTHENTICATE attributes, no authentication
attempts are recorded in the audit file. Authentication attempts can be audited only on the
system where they occur.
Note. This attribute is supported only on systems running H06.1
1 and later H-series RVUs.
Note. This attribute
is supported only on systems running J06.04 and later J-series
RVUs, H06.15 and later H-series RVUs, and G06.32 and later G-series RVUs.