OpenTP1 Version 7 Operation
Entries are output to an audit log in the following format:
CALFHM 1.0,output-item-1=value-1, output-item-2=value-2, ... output-item-n=value-n |
The string CALFHM 1.0 serves as header information, and is output for all audit log entries.
The following is an example of audit log output:
CALFHM 1.0, seqnum=1, msgid=KFCA33400-I, date=2007-10-30T16:09:59.884+09:00, progid=OpenTP1, compid=adm, pid=11600, ocp:ipv4=192.112.100.10, ctgry=StartStop, result=Success, subj:euid="tp1user", obj="smpl", op=Start, loc="/OpenTP1", msg="User tp1user started OpenTP1(smpl)." |
The following table lists the items entered in an audit log file.
Table 3-12 Items output to audit log file
Item name | Meaning | Content | Common or program-specific#1 |
---|---|---|---|
seqnum | Sequence number | A process-specific sequence number assigned to audit logs | Common information |
msgid | Message ID | The message ID | |
date | Date and time | The date and time when the message was output, in the following format: YYYY-MM-DDThh:mm:ss.sssTZD YYYY: Year MM: Month DD: Day T: delimiter between date and time hh: Hours mm: Minutes ss: Seconds sss: Milliseconds TZD: Timezone#2 |
|
progid | Source program | The character string OpenTP1 | |
compid | Source component | The name of the component where the event occurred. Audit logs acquired from a UAP by an API which outputs audit logs have the format *AA, where AA is the value specified in the API. Audit logs that do not begin with * are output by OpenTP1. | |
pid | Process ID | The ID of the process associated with the event | |
ocp:host | Source location | The host name or IP address of the server where the event occurred | |
ocp:ipv4 | |||
ctgry | Event category | The event category, as one of the following:
|
|
result | Event result | The result of the event, as one of the following:
|
|
subj:euid | Subject ID information | The user or process that caused the event, as one of the following:
|
|
subj:pid | |||
obj | Object information | Information identifying the target of the operation that generated the event | Program-specific information |
op | Action information | The type of action that generated the event, as one of the following:
|
|
objloc | Object location information | Information about the location of the object | |
from:host | Request source host | When the event involves multiple programs, the host name or IP address where the request originated | |
from:ipv4 | |||
from:port | Request source port | When the event involves multiple programs, the port number where the request originated | |
to:host | Request destination host | When the event involves multiple programs, the host name or IP address where the request was directed | |
to:ipv4 | |||
to:port | Request destination port | When the event involves multiple programs, the port number where the request was directed | |
loc | Location information | The information set in the DCDIR environment variable | |
msg | Message | A message describing the nature of the event |
For details about which items are output for each type of event, see C. Information Output for Audited Events.
All Rights Reserved. Copyright (C) 2006, 2010, Hitachi, Ltd.