Safeguard Management Programming Manual (G06.29+, H06.08+, J06.03+)
Event Management
Safeguard Management Programming Manual—422086-028
8-34
ZSFG-EVT-CRITICALAUDITSTATE
ZSFG-TKN-PENDINGAUDITSTATE and ZSFG-TKN-AUDITSTATE
contain one of these values:
ZSFG-VAL-AUDITSTATE-NEXTPOOL0
indicates that auditing is active but the Next Pool is not defined.
ZSFG-VAL-AUDITSTATE-RECYCLING
indicates that auditing is active; the Next Pool is not defined; and because the
audit pool is full, audit files are being recycled on an as need basis.
ZSFG-VAL-AUDITSTATE-SUSPENDED
indicates that auditing is not active because the Next Pool is not defined and
the current pool is full.
ZSFG-VAL-AUDITSTATE-DENYGRANTS
indicates that auditing is effectively not active because the Next Pool is not
defined and the current audit pool is full. Authorization and authentication
requests that require auditing will be denied. Members of the SECURITY-
ADMINISTRATOR and SYSTEM-OPERATOR groups will have their
authorization and authentication requests audited to the $SYSTEM.SAFE pool
and thus will not be denied.
ZSFG-VAL-AUDITSTATE-DENYGRANTX
indicates that auditing is not active because the Next Pool is not defined, the
current pool is full, and the $SYSTEM.SAFE pool is full. Authorization and
authentication requests that require auditing will be denied. Members of the
SECURITY-ADMINISTRATOR and SYSTEM-OPERATOR groups will also
have their authorization and authentication requests denied because the
$SYSTEM.SAFE pool is full. When in this state, the system can be effectively
down.
Subsystem Action
This message is informational only.
Recommended Action
Depending on the security policy of the site and the audit state change involved, the
selection of a new current audit pool or a new next audit pool or the RELEASE of an
audit file to free space within the audit pool might be required. Another possibility is to
increase the MAXFILES attribute of the pool to allow the creation of additional files.