XYGATE Access Control Reference Manual
XYGATE
®
Access Control Reference Manual
Appendix C: The ACACL File
XYPRO Technology Corporation 157 Proprietary and Confidential
C14: AUDITUSER
This keyword is followed by the list of users whose commands will be audited,
assuming at least one audit file has been specified in the ACCONF file with the
DETAIL sub-keyword, and the NOCOMMANDAUDIT keyword in the ACACL file has
not been specified. If AUDITUSER keyword is omitted, all users will be audited.
Syntax:
AUDITUSER <userid-list>
Example:
COMMAND SPOOLCOM-255
DESCRIPTION "SPOOLCOM as SUPER.SUPER"
USER 255,255
OBJECT $SYSTEM.SYSTEM.SPOOLCOM
ACL OPER.* PROG.MGR
AUDITUSER OPER.* PROG.MGR NOT OPER.MGR
The above example would cause the commands executed within this SPOOLCOM-
255 to be audited if the XAC session had been executed by PROG.MGR or any
OPER.* user except OPER.MGR.
The NOT or DENY keywords can be used to exclude users from the audited list. Use
of NOT or DENY immediately following AUDITUSER creates an implied
AUDITUSER \*.*,* ALIAS:"*" NOT <userids>.
For example, AUDITUSER NOT OPER.JOE is the same as
AUDITUSER \*.*.* ALIAS:"*" NOT OPER.JOE.
Example:
COMMAND SCF-255
USER 255,255
OBJECT $SYSTEM.SYSTEM.SCF
ACL OPER.* PROG.MGR
AUDITUSER NOT OPER.MGR ALIAS:"opmgr"