Overview of audit logs – HP XP20000XP24000 Disk Array User Manual
Page 16
• View: If you have this authority, you can view the operation authority of all user accounts.
You cannot add, change and delete the user accounts. However, you can change your
own password.
• Disable: You cannot view or change settings of other user accounts. However, you can
change your password, and view the operation authorities for your user account.
•
Audit log administrator role (audit log operation authority)
The audit log administrator role is the authority to operate the button for downloading the audit
log file and to perform the syslog-related operation. You can set the audit log administrator role
for the user account that has a user type of storage administrator. For further information on the
audit log file, see HP StorageWorks XP24000 Audit Log User and Reference Guide. For details
about the syslog-related operation, see “
For each user account, you can select the authority of the audit log administrator role from
the following three types:
• Modify: If you have this authority, you can download an audit log file by using the button
for audit log file download. You can also set the syslog server and download the syslog
information file by using the Syslog window. The operation authority Modify has been set for
the user account of user ID administrator.
• View: If you have this authority, you can download an audit log file by using the button
for audit log file download. You can also use the Syslog window to view the setting and
download the syslog information file. However, you are not allowed to change the settings of
the Syslog window.
• Disable: You have no operation authority for the audit log. You cannot use the audit log
file download button or the Syslog window.
•
Storage administrator role (storage operation authority)
The storage administrator role is the authority to perform program product operations and the
operations of the Set Env. dialog box. For each user account, you can select the authority of the
storage administrator role from the following two types:
• Enable: You have authority to perform operations using program product options and
operations for the Set Env. dialog box.
Only the user accounts for which the storage administrator role authority is set to Enable can
set the operation authority for each program product option. The administrator account has
Enable authority and Modify authority for all program product operations.
• Disable: You do not have authority to perform operations using program product options or
the Set Env. dialog box operations. You may have Modify authority for specific program
product operations, but if the storage administrator role is set to Disable, Modify authority
for program product operations is disabled.
•
Operation authority for each function
You can set the operation authority for Remote Web Console or for individual program product
options. To set program product operation authority for each user account, set the storage
administrator role to Enable. For each user account, you can select the operation authority
from the following two types:
• Modify: You can perform the operations for each function.
• View: You can view the window for function. However, you cannot perform the operation.
Overview of Audit Logs
The audit Log function allows you to record the access and configuration changes made to your storage
system. To check the audit logs, you can transfer the audit log files to syslog servers as you connect the
syslog servers to the storage system SVP through LAN. You can connect up to two syslog servers. The first
one is named primary syslog server, and the second one is named secondary syslog server.
Note:
UDP is required for transferring the audit log. To transfer the audit log to syslog servers, consider
the characteristics of UDP when you design a network. For detailed information on syslog, see the
RFC3164 published by IETF.
16
About Remote Web Console Operations