XYGATE Access Control Reference Manual
XYGATE
®
Access Control Reference Manual
Appendix A: The ACCONF File
XYPRO Technology Corporation 94 Proprietary and Confidential
A3: AUDIT (Filename)
This keyword determines the audit file specifications when a filename is defined.
Refer to Chapter 7, “XAC Auditing and Audit Reports” for more information.
Syntax:
AUDIT <filename>[DETAIL] [INVOKE] [CRITICAL] [EXT(pri,sec,max)] [NO_ROLL_MSGS]
DETAIL
The optional DETAIL sub-keyword includes audit of specific tasks or commands that
were performed by the user in this session.
INVOKE
The optional INVOKE sub-keyword includes audits on how the session was started,
from what user, on which terminal, at what time and with what startup command.
CRITICAL
The optional CRITICAL sub-keyword causes only records that audit a failed command
to be written to the file.
EXT(pri,sec,max)
The optional EXT sub-keyword is used to specify the primary, secondary, and max
extents when an audit trail is created. Refer to section 7.1.1, “AUDIT File Creation” on
page 63.
NO_ROLL_MSGS
The optional NO_ROLL_MSGS sub-keyword suppresses most EMS LOG audit file
messages that occur during the audit file rollover. The impact of using this Audit
modifier will only be to the EMS log. When the modifier is applied, the EMS error
message 45 (audit file is full) and the open audit file message will be suppressed.
However, creation of a new audit file will generate an EMS message in order to meet
PCI-DSS requirement 10.2.6 as follows:
XYGATEAC - Created audit file $<vol>.XYGATEAC.AUDIT
Example 1:
AUDIT $AUDIT.XYLOGBIG.XAC INVOKE DETAIL EXT(4096,4096,900) NO_ROLL_MSGS
AUDIT $SYSTEM.XYLOGS.XAC
Example 2:
AUDIT $<vol>.XYGATEAC.AUDIT NO_ROLL_MSGS
Example 3: AUDIT filename definition on ACCONF
AUDIT $VIK.XYLOG.XAC NO_ROLL_MSGS
AUDIT $VIK.XYLOGS.XAC