Auditing – HP UX B6941-90001 User Manual

Chapter 10

457

Tuning, Troubleshooting, Security, and Maintenance

Auditing

Auditing

ITO distinguishes between different modes and levels of audit control.
The mode determines who is permitted to change the level of auditing;
the level determines what kind of auditing information is being collected.

Your company policy determines which auditing mode, normal or
enhanced, is used. Normal audit control is the default mode after
installation. In normal mode the ITO administrator can change the level
of auditing using the

Configure Management Server

window.

Enhanced audit control can only be set by the user root, and cannot be
reset without re-initializing the database.

You can select from the following audit levels:

❏

[No Audit]

ITO does not maintain any auditing information.

❏

[Operator Audit]

ITO maintains audit information about:

• operator logins and logouts, including attempted logins

• changes to the ITO user passwords

• all actions started from the browsers and from the Application

Desktop:

Operator Audit is the default level after installation.

❏

[Administrator Audit]

ITO maintains audit information about user logins and logouts,
including attempted logins and changes to the ITO user passwords.
In addition, ITO creates audit entries when actions are started from
the message browsers and in the

Application Bank

, and when the

configuration of ITO users, managed nodes, node groups, or templates
changes. See Table 10-11 on page 458 for a complete overview of the
audit areas that are included in this level.