beautypg.com

HP Hitachi Dynamic Link Manager Software User Manual

Page 69

background image

2. HDLM Functions

45

The categories of audit log data that can be collected differ depending on the product.

The following sections explain only the categories of audit log data that can be

collected by HDLM. For the categories of audit log data that can be collected by a

product other than HDLM, see the corresponding product manual.

2.12.1 Categories and Audit Events that HDLM Can Output to the

Audit Log

The following table lists and explains the categories and audit events that HDLM can

output to the audit log. The severity is also indicated for each audit event.

ContentAccess

An event indicating that an attempt to access critical data has succeeded or
failed, including:

Access to a critical file on a NAS or content access when HTTP is

supported

Access to the audit log file

ConfigurationAccess

An event indicating that a permitted operation performed by the administrator

has terminated normally or failed, including:

Viewing or updating configuration information
Updating account settings, such as adding and deleting accounts
Setting up security
Viewing or updating audit log settings

Maintenance

An event indicating that a maintenance operation has terminated normally or

failed, including:

Adding or removing hardware components
Adding or removing software components

AnomalyEvent

An event indicating an abnormal state such as exceeding a threshold,

including:

Exceeding a network traffic threshold
Exceeding a CPU load threshold
Reporting that the temporary audit log data saved internally is close to its

maximum size limit or that the audit log files have wrapped back around

to the beginning

An event indicating an occurrence of abnormal communication, including:

A SYN flood attack or protocol violation for a normally used port
Access to an unused port (such as port scanning)

Category

Explanation

This manual is related to the following products: