XYGATE Access Control Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

100

XYGATE

Access Control Reference Manual

Chapter 7. XAC Auditing and Audit Reports

XYPRO Technology Corporation 65 Proprietary and Confidential

fi XYGAUDIT.ACL*

$VIK.XYGAUDIT

CODE EOF LAST MODIFIED OWNER RWEP PExt Sext

ACL00015 3333 266240 30JUL2013 16:48 232,52 NNNC 300 300

ACL00016 3333 266240 25AUG2013 16:23 232,52 NNNC 300 300

$SYSTEM XYGATEAC 6> VOLUME $VIK.XYGATEAC

$VIK XYGATEAC 7> RUN XAC INSTALL

$VIK XYGATEAC 8> #OUTPUT [XAC_NEXTGEN XYGAUDIT.ACL]

XYGAUDIT.ACL00017

$VIK XYGATEAC 9> == Change EXT(300,300,900) to EXT(4000,4000,700)

$VIK XYGATEAC 10> TEDIT ACCONF

$VIK XYGATEAC 11>

$VIK XYGATEAC 11> XAC_ROLL_AUDIT

Renamed $VIK.XYGAUDIT.ACLOG to $VIK.XYGAUDIT.ACL00017

$VIK XYGATEAC 12>

$VIK XYGATEAC 12> == ACL00017 is the last file uses previous EXT(300,300,900)

$VIK XYGATEAC 13>

$VIK XYGATEAC 13> #OUTPUT [XAC_NEXTGEN XYGAUDIT.ACL]

XYGAUDIT.ACL00018

$VIK XYGATEAC 14> == ACL00018 will be the first file using EXT(4000,4000,700)

7.1.4 Categorizing Audit Records by the Use of Sub-keywords

The file will be owned by the owner of the ACCONF file. The file code is set based on

the type of audit information that will be written to the file. If the file will contain

INVOKE records only, it will have a file code of 3331. If the file will contain DETAIL

records only, it will have a file code of 3332. If the file will contain both INVOKE and

DETAIL records, it will have a file code of 3333.

The INVOKE and DETAIL sub-keywords of AUDIT in the ACCONF file (refer to

appendices A3:, A4: and A5:) define the types of audit records that will be written to

the audit file. INVOKE-audit-records audit the starting of XAC sessions. These records

are called XAC-I records. DETAIL-audit-records audit the commands that are executed

within the XAC session (XAC-C) and output from commands (XAC-O).

A minimum XAC session consists of one XAC-I record, one XAC-C record and one

XAC-E record. Even a session that never starts will have this minimal record because

the XAC-C audit entry will show the reason that the session did not start.

7.1.5 Considerations when Access Audit Records Using ENFORM

Both INVOKE and DETAIL records can be present in the same ENSCRIBE file. Both

record types and files are ENFORM compatible. XYPRO-supplied reports can correctly

distinguish between the two audit record types when they are mixed in a single file.

The DDL file is supplied to support user-written ENFORM reports based upon logs

written to these audit files.

Reports use ENFORM, which creates temporary work files during processing. Users

must have Create and Write access to these files in the ENFORM temporary work file

location.