VMS Help SET, AUDIT, Examples *Conan The Librarian (sorry for the slow response - running on an old VAX) |
1.$ SET AUDIT/AUDIT/ENABLE= - _$ (CREATE,ACCESS=(SYSPRV,BYPASS),DEACCESS)/CLASS=FILE $ SHOW AUDIT/AUDIT System security audits currently enabled for: . . . FILE access: Failure: read,write,execute,delete,control SYSPRV: read,write,execute,delete,control BYPASS: read,write,execute,delete,control Other: create,deaccess The SET AUDIT command in this example enables auditing of file creation and file deaccess; it also enables auditing for any file access done by using either SYSPRV or BYPASS privilege. 2.$ SET AUDIT/JOURNAL=SECURITY/DESTINATION=AUDIT$:[AUDIT]TURIN $ SET AUDIT/SERVER=NEW $ SHOW AUDIT/JOURNAL List of audit journals: Journal name: SECURITY Journal owner: (system audit journal) Destination: AUDIT$:[AUDIT]TURIN.AUDIT$JOURNAL The SET AUDIT command in this example demonstrates how to switch to a new journal. 3.$ SET AUDIT/SERVER=FINAL=CRASH $ SHOW AUDIT/SERVER Security auditing server characteristics: Database version: 4.4 Backlog (total): 100, 200, 300 Backlog (process): 5, 2 Server processing intervals: Archive flush: 0 00:01:00.00 Journal flush: 0 00:05:00.00 Resource scan: 0 00:05:00.00 Final resource action: crash system The SET AUDIT command in this example changes the audit server's final action setting so the system crashes when the audit server runs out of memory. 4.$ SET AUDIT/ARCHIVE/DESTINATION=SYS$SPECIFIC:[SYSMGR]TURIN-ARCHIVE $ SHOW AUDIT/ARCHIVE Security archiving information: Archiving events: system audits Archive destination: SYS$SPECIFIC:[SYSMGR]TURIN-ARCHIVE.AUDIT$JOURNAL The SET AUDIT command in this example enables a node-specific archive file. 5.$ SET AUDIT/JOURNAL/RESOURCE=ENABLE $ SHOW AUDIT/JOURNAL List of audit journals: Journal name: SECURITY Journal owner: (system audit journal) Destination: SYS$COMMON:[SYSMGR]SECURITY.AUDIT$JOURNAL Monitoring: enabled Warning thresholds, Block count: 100 Duration: 2 00:00:00.0 Action thresholds, Block count: 25 Duration: 0 00:30:00.0 The SET AUDIT command in this example enables disk monitoring and switches the mode so the disk space is monitored in terms of time rather than free blocks.
|