XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

231

232

233

234

235

236

237

238

239

240

XYGATE

User Authentication

™

(XUA) 1.85 Reference Manual

Appendix A: The UACONF File

XYPRO Technology Corporation 206 Proprietary and Confidential

A3: AUDIT (Filename)

This keyword determines the audit file specifications when a filename is defined.

Auditing is discussed in more detail at the beginning of Chapter 9, “Deciding on the

Amount of Logon-Specific Auditing.”

Syntax:

AUDIT <filename> [CRITICAL] [EXT(pri,sec,max)] [NO_ROLL_MSGS]

CRITICAL

Critical is an audit attribute that is set on for authentication denials when the

EMS_CRITICAL_IF_DENIED ON entry exists. When the CRITICAL sub-keyword is

included after the AUDIT keyword, authentications whose audit attribute is marked

critical are the only included audits.

EXT(pri,sec,max)

The optional EXT sub-keyword is used to specify the primary, secondary, and max

extents when an audit trail is created.

NO_ROLL_MSGS

The optional NO_ROLL_MSGS sub-keyword suppresses most EMS LOG audit file

messages that occur during the audit file rollover.

Example 1 below will send XUA audits to the file called AUDIT in the subvolume

$SECURE.XUAAUDIT.

Example 1: How to configure XUA to audit to a diskfile

AUDIT $SECURE.XUAAUDIT.AUDIT

The size of an audit trail can be controlled using the EXT sub-keyword options.

Example 2 below will set XYGATEUA audit trail primary and secondary extents to 302

and maxextents to 17.

Example 2: How to control XUA audit trail size

AUDIT $SYSTEM.XYGATEUA.AUDIT EXT(302,302,17)

If any of the disk files specified using the AUDIT keyword in the UACONF file become

unavailable, which might occur if the audit file fills up or is renamed, the XUA server

will close the current file and attempt to re-create and re-open the original filename. If

the audit file named in the UACONF entry is still unavailable, then XUA will wait and

retry the open operation.

Note: If the file error is an un-retryable error, such as disk down, then XUA processing

will continue without auditing. When the disk comes back up, XUA will not

resume auditing. You must restart the server to resume auditing.