Security Management Guide (G06.24+, H06.03+)

Safeguard System Security
Security Management Guide 522283-008
specifying object auditing easier. For more information on configuration, see the
Safeguard Administrator’s Manual.
Auditing Attempts to Change or Read Safeguard Records
The Safeguard auditing attributes also allow you to record attempts to change or read
both object authorization records and user authentication records.
Specify auditing for attempts to change or read the user authentication records for all
privileged users. The following SAFECOM command specifies auditing for attempts to
change or read the user authentication record for the super ID:
=ALTER USER 255,255, AUDIT-MANAGE-PASS ALL, &
=AUDIT-MANAGE-FAIL ALL
Also specify auditing for attempts to change or read the object authorization records for
all critical objects. The following SAFECOM command specifies auditing for attempts to
change or read the object authorization record for the file named payroll:
=ALTER DISKFILE payroll, AUDIT-MANAGE-PASS ALL, &
=AUDIT-MANAGE-FAIL ALL
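
The following Python sketch is an added example, not part of the HP guide or the Safeguard software. It reviews a file of SAFECOM ALTER commands written in the style shown above ("=" prompt, "&" continuation) and reports every user or object for which the file does not set both AUDIT-MANAGE-PASS and AUDIT-MANAGE-FAIL to ALL. The sample commands, the function names, and the assumption that commands arrive as plain text are all constructed for illustration; the check covers only what the command file sets, not the live protection records.

```python
import re

# Constructed sample in the page's style: "=" prompt, "&" continuation.
SAMPLE = """\
=ALTER USER 255,255, AUDIT-MANAGE-PASS ALL, &
=AUDIT-MANAGE-FAIL ALL
=ALTER DISKFILE payroll, AUDIT-MANAGE-PASS ALL
=ALTER USER 255,254, AUDIT-MANAGE-PASS ALL, &
=AUDIT-MANAGE-FAIL LOCAL
"""
REQUIRED = ("AUDIT-MANAGE-PASS", "AUDIT-MANAGE-FAIL")
ATTR = re.compile(r",\s*([A-Za-z][A-Za-z-]*)\s+([^,\s]+)")  # ", ATTRIBUTE value"

def join_continuations(text):
    """Strip the '=' prompt and merge lines ending in '&' into one command."""
    commands, pending = [], ""
    for raw in text.splitlines():
        line = raw.strip().lstrip("=").strip()
        if line.endswith("&"):
            pending += line[:-1].rstrip() + " "
        elif line or pending:
            commands.append((pending + line).strip())
            pending = ""
    if pending.strip():
        commands.append(pending.strip())  # input ended on a continuation
    return commands

def parse_alter(command):
    """Return (object_type, name, {attribute: value}) for ALTER, else None."""
    m = re.match(r"ALTER\s+(\S+)\s+(.*)", command, re.IGNORECASE)
    if not m:
        return None
    attrs = list(ATTR.finditer(m.group(2)))
    # The name may itself contain a comma (255,255), so cut at the first attribute.
    name = m.group(2)[:attrs[0].start()] if attrs else m.group(2)
    values = {a.group(1).upper(): a.group(2).upper() for a in attrs}
    return m.group(1).upper(), name.strip(), values

def audit_gaps(text):
    """Map 'TYPE name' to the AUDIT-MANAGE-* settings that are not ALL."""
    settings = {}
    for cmd in join_continuations(text):
        parsed = parse_alter(cmd)
        if parsed:
            settings.setdefault(f"{parsed[0]} {parsed[1]}", {}).update(parsed[2])
    gaps = {}
    for target, attrs in settings.items():
        bad = [f"{a} is {attrs.get(a, 'not set')}" for a in REQUIRED if attrs.get(a) != "ALL"]
        if bad:
            gaps[target] = bad
    return gaps

if __name__ == "__main__":
    print(audit_gaps(SAMPLE))
```
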
Other Auditing
The Safeguard auditing attributes also allow you to record attempts to manage other
types of Safeguard protection records, such as those records for OBJECTTYPES and
security groups.
Additionally, the Safeguard software audits several actions automatically. These
actions include attempts to manage the Safeguard configuration, attempts to manage
the Safeguard audit service, and attempts to execute TERMINAL and
EVENT-EXIT-PROCESS commands.
The Safeguard software also accepts and stores audit records of security-related
events generated by other HP privileged subsystems.
The Safeguard Audit Service Manual describes the complete facilities that the audit
service offers.
Managing the Audit Service
Managing the audit service involves the following tasks:
- Specifying the location of audit information
- Specifying what recovery actions the audit service should take if the audit trail becomes inaccessible
- Specifying who can issue restricted audit commands
These tasks are introduced here and described in detail in the Safeguard Audit Service
Manual.