12 collecting audit log data – HP Hitachi Dynamic Link Manager Software User Manual

2. HDLM Functions

44

2.12 Collecting Audit Log Data

HDLM and other Hitachi storage-related products provide an audit log function so that

compliance with regulations, security evaluation standards, and industry-specific

standards can be shown to auditors and evaluators. The following table describes the

categories of audit log data that Hitachi storage-related products can collect.

Table 2-10: Categories of Audit Log Data that Can Be Collected

Category

Explanation

StartStop

An event indicating the startup or termination of hardware or software,
including:

• OS startup and termination
• Startup and termination of hardware components (including

micro-program)

• Startup and termination of software running on storage systems, software

running on SVPs (service processors), and Hitachi Command Suite
products

Failure

An abnormal hardware or software event, including:

• Hardware errors
• Software errors (such as memory errors)

LinkStatus

An event indicating the linkage status between devices:

• Link up or link down

ExternalService

An event indicating the result of communication between a Hitachi

storage-related product and an external service, including:

• Communication with a RADIUS server, LDAP server, NTP server, or

DNS server,

• Communication with the management server (SNMP)

Authentication

An event indicating that a connection or authentication attempt made by a

device, administrator, or end-user has succeeded or failed, including:

• FC login
• Device authentication (FC-SP authentication, iSCSI login authentication,

or SSL server/client authentication)

• Administrator or end-user authentication

AccessControl

An event indicating that a resource access attempt made by a device,

administrator, or end-user has succeeded or failed, including:

• Device access control
• Administrator or end-user access control