Specifying auditing conditions – HP Integrity NonStop J-Series User Manual

Securing Disk Files

Safeguard User’s Guide — 422089-020

3 - 15

Specifying Auditing Conditions

For example, the owner of the disk file (user ID 2,1) can restore the access control list
for quarter1 by entering:

=THAW DISKFILE quarter1

The STATUS field of the INFO display shows that the access control list is thawed:

=INFO DISKFILE quarter1

Specifying Auditing Conditions

The Safeguard subsystem provides facilities for auditing attempts to access a disk file
or its corresponding authorization record. For detailed information on auditing, see the
Safeguard Audit Service Manual.

You can specify four auditing attributes in a disk-file authorization record. They are:

•

AUDIT-ACCESS-PASS

•

AUDIT-ACCESS-FAIL

•

AUDIT-MANAGE-PASS

•

AUDIT-MANAGE-FAIL

You can set these attributes to ALL, LOCAL, REMOTE, or NONE. The default value for
the auditing attributes is NONE, which indicates no auditing.

As with other security attributes, you can specify auditing conditions with the ADD
DISKFILE, ALTER DISKFILE, or SET DISKFILE commands.

The attribute, AUDIT-PRIV-LOGON can also be specified in a disk-file authorization
record.

The following command causes the Safeguard software to audit all unsuccessful
remote attempts to access quarter1:

=ALTER DISKFILE quarter1, AUDIT-ACCESS-FAIL REMOTE

Similarly, the following command specifies auditing of all unsuccessful attempts (local
and remote) to manage the authorization record for the file quarter1:

=ALT DISK quarter1, AUDIT-MANAGE-FAIL ALL

LAST-MODIFIED OWNER STATUS WARNING-MODE

$DATA.SALES

QUARTER1 23JUL05, 15:33 2,1 THAWED OFF

002,001 R,W,E,P

002,006 DENY W

002,018 R,W,E,P

004,012 R

008,004 DENY R

002,* R,W

008,* R