OpenTP1 Version 7 Operation
The following table lists the information output for audited events.
Table C-1 Information output for audited events
Audited event | Information output for event | |
---|---|---|
Item name | Contents | |
OpenTP1 startup | Message ID (msgid) | KFCA33400-I |
Component (compid) | adm | |
Event type (ctgry) | StartStop | |
Event result (result) | Success | |
Subject ID information (subj: (euid, pid)) | User name or ID of the user who executed the dcstart command. | |
Object (obj) | Node identifier | |
Action information (op) | Start | |
Object location information (objloc) | -- | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 290 + 2*a | |
OpenTP1 standby | Message ID (msgid) | KFCA33401-I |
Component (compid) | adm | |
Event type (ctgry) | StartStop | |
Event result (result) | Success | |
Subject ID information (subj: (euid, pid)) | User name or ID of the superuser. | |
Object (obj) | Node identifier | |
Action information (op) | Start | |
Object location information (objloc) | -- | |
Request source host (from:ipv4) | -- | |
Request source port number (from: port) | -- | |
Request destination host (to: ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 326 + 2*a | |
Normal termination of OpenTP1 | Message ID (msgid) | KFCA33402-I |
Component (compid) | adm | |
Event type (ctgry) | StartStop | |
Event result (result) | Success | |
Subject ID information (subj: (euid, pid)) | User name or ID of the user who executed the dcstop command | |
Object (obj) | Node identifier | |
Action information (op) | Stop | |
Object location information (objloc) | -- | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 289 + 2*a | |
Abnormal termination of OpenTP1 | Message ID (msgid) | KFCA33403-E |
Component (compid) | adm | |
Event type (ctgry) | Failure | |
Event result (result) | Occurrence | |
Subject ID information (subj: (euid, pid)) | The PID associated with the process that led to the OpenTP1 system going down (0 is output if the process is a process service.) |
|
Object (obj) | Node identifier (**** is output if the node identifier cannot be acquired.) |
|
Action information (op) | Occur | |
Object location information (objloc) | -- | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 321 | |
Critical error in process service | Message ID (msgid) | KFCA33404-E |
Component (compid) | prc | |
Event type (ctgry) | Failure | |
Event result (result) | Occurrence | |
Subject ID information (subj: (euid, pid)) | PID of process service | |
Object (obj) | Node identifier (**** is output if the node identifier cannot be acquired.) |
|
Action information (op) | Occur | |
Object location information (objloc) | -- | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 331 | |
User server startup | Message ID (msgid) | KFCA33405-I |
Component (compid) | adm | |
Event type (ctgry) | StartStop | |
Event result (result) | Success | |
Subject ID information (subj: (euid, pid)) | User name or ID of the user who executed the dcsvstart command | |
Object (obj) | User server name | |
Action information (op) | Start | |
Object location information (objloc) | Node identifier | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 285 + 2*(a + b) | |
Remarks | These items are also output at startup and termination of the following servers: RAP-processing server, RAP-processing listener, RAP-processing client manager, TP1/EE, RTSSPP, RTSSUP, MQC gateway server, mqrspp, mqrsup |
|
Normal termination of user server | Message ID (msgid) | KFCA33406-I |
Component (compid) | adm | |
Event type (ctgry) | StartStop | |
Event result (result) | Success | |
Subject ID information (subj: (euid, pid)) | User name or ID of the user who executed the dcsvstop command | |
Object (obj) | User server name | |
Action information (op) | Stop | |
Object location information (objloc) | Node identifier | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 284 + 2*(a + b) | |
Remarks | These items are also output at startup and termination of the following servers: RAP-processing server, RAP-processing listener, RAP-processing client manager, TP1/EE, RTSSPP, RTSSUP, MQC gateway server, mqrspp, mqrsup |
|
Abnormal termination of user server | Message ID (msgid) | KFCA33407-E |
Component (compid) | adm | |
Event type (ctgry) | Failure | |
Event result (result) | Occurrence | |
Subject ID information (subj: (euid, pid)) | PID of the user server process that went down | |
Object (obj) | User server name | |
Action information (op) | Occur | |
Object location information (objloc) | Node identifier | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 313 + 2*b | |
Remarks | These items are also output at startup and termination of the following servers: RAP-processing server, RAP-processing listener, RAP-processing client manager, TP1/EE, RTSSPP, RTSSUP, MQC gateway server, mqrspp, mqrsup |
|
User server shutdown | Message ID (msgid) | KFCA33408-I |
Component (compid) | scd | |
Event type (ctgry) | Failure | |
Event result (result) | Occurrence | |
Subject ID information (subj: (euid, pid)) | PID of scheduler service | |
Object (obj) | User server name | |
Action information (op) | Occur | |
Object location information (objloc) | Node identifier | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 348 + 2*b | |
Service shutdown on user server | Message ID (msgid) | KFCA33409-I |
Component (compid) | scd | |
Event type (ctgry) | Failure | |
Event result (result) | Occurrence | |
Subject ID information (subj: (euid, pid)) | PID of scheduler service | |
Object (obj) | User server name, service name | |
Action information (op) | Occur | |
Object location information (objloc) | Node identifier | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 365 + 2*(b (user-server-name) + b (service-name)) | |
Successful client user authentication | Message ID (msgid) | KFCA33410-I |
Component (compid) | nam | |
Event type (ctgry) | Authentication | |
Event result (result) | Success | |
Subject ID information (subj: (euid, pid)) | PID of name service | |
Object (obj) | Received login name | |
Action information (op) | Login | |
Object location information (objloc) | Node identifier | |
Request source host (from:ipv4) | Y | |
Request source port number (from:port) | Y | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 364 + 2*b | |
Remarks | Output when Y is specified for the client_uid_check operand in the system common definition. | |
Unsuccessful client user authentication | Message ID (msgid) | KFCA33411-W |
Component (compid) | nam | |
Event type (ctgry) | Authentication | |
Event result (result) | Failure | |
Subject ID information (subj: (euid, pid)) | PID of name service | |
Object (obj) | Received login name | |
Action information (op) | Login | |
Object location information (objloc) | Node identifier | |
Request source host (from:ipv4) | Y | |
Request source port number (from:port) | Y | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 360 + 2*b | |
Remarks | Output when Y is specified for the client_uid_check operand in the system common definition. | |
Service function started execution | Message ID (msgid) | KFCA33412-I |
Component (compid) | rpc | |
Event type (ctgry) | AccessControl | |
Event result (result) | Occurrence | |
Subject ID information (subj: (euid, pid)) | PID of the user server that received the service function request | |
Object (obj) | Name of requested service | |
Action information (op) | Enforce | |
Object location information (objloc) | Name of the requested service group | |
Request source host (from:ipv4) | Y | |
Request source port number (from:port) | Y (Outputs the reception port number of the request source.) |
|
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 552 + 2*(b + c) + FSV + FSVG | |
Remarks |
|
|
Service function completed execution | Message ID (msgid) | KFCA33413-I |
Component (compid) | rpc | |
Event type (ctgry) | AccessControl | |
Event result (result) | Occurrence | |
Subject ID information (subj: (euid, pid)) | PID of the user server that received the service function request | |
Object (obj) | Name of requested service | |
Action information (op) | Enforce | |
Object location information (objloc) | Name of the requested service group | |
Request source host (from:ipv4) | Y | |
Request source port number (from:port) | Y (Outputs the reception port number of the request source.) |
|
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 553 + 2*(b + c) + FSV + FSVG | |
Remarks |
|
|
Invalid message discarded | Message ID (msgid) | KFCA33414-W |
Component (compid) | rpc | |
Event type (ctgry) | AnomalyEvent | |
Event result (result) | Occurrence | |
Subject ID information (subj: (euid, pid)) | PID of the process that detected the invalid message | |
Object (obj) | Reception port number | |
Action information (op) | Occur | |
Object location information (objloc) | Node identifier (**** is output if the node identifier cannot be acquired.) |
|
Request source host (from:ipv4) | Y | |
Request source port number (from:port) | Y (0 is output for UNIX domain communication.) |
|
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 542 | |
RPC call completed | Message ID (msgid) | KFCA33415-I |
Component (compid) | rpc | |
Event type (ctgry) | AccessControl | |
Event result (result) | Success/Failure | |
Subject ID information (subj: (euid, pid)) | PID of the user server that issued the request | |
Object (obj) | Destination service of RPC request | |
Action information (op) | Enforce | |
Object location information (objloc) | Name of the service group comprising the requested service | |
Request source host (from:ipv4) | Y | |
Request source port number (from:port) | Y (Outputs the reception port number of the call source.) |
|
Request destination host (to:ipv4) | Y (Not output if an error is detected before the destination of the RPC request can be established.) |
|
Request destination port number (to:port) | Y (Not output if an error is detected before the destination of the RPC request can be established.) |
|
Log message size (Units: bytes) | 709 + 2*(b + c) + FSV + FSVG | |
Remarks |
|
|
RPC response received (when using the dc_rpc_poll_any_replies function) |
Message ID (msgid) | KFCA33416-I |
Component (compid) | rpc | |
Event type (ctgry) | AccessControl | |
Event result (result) | Success/Failure | |
Subject ID information (subj: (euid, pid)) | PID of the user server that issued dc_rpc_poll_any_replies() | |
Object (obj) | Destination service of RPC request (******** is output if an error is detected when using asynchronous-response RPC, before a response is received.) |
|
Action information (op) | Enforce | |
Object location information (objloc) | Name of the service group comprising the requested service (******** is output if an error is detected when using asynchronous-response RPC, before a response is received.) |
|
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 538 + 2*(b + c) + FSV + FSVG | |
Remarks | May also be output for the following servers, depending on the product versions used: Client extended service, RAP-processing server, RAP-processing listener, PAR-processing client manager, TP1/EE, MQC gateway server, mqrspp, mqrsup |
|
Invalid RAP message discarded | Message ID (msgid) | KFCA33417-W |
Component (compid) | scs | |
Event type (ctgry) | AnomalyEvent | |
Event result (result) | Occurrence | |
Subject ID information (subj: (euid, pid)) | PID of the process that detected the invalid message | |
Object (obj) | Reception port number | |
Action information (op) | Occur | |
Object location information (objloc) | Node identifier | |
Request source host (from:ipv4) | Y | |
Request source port number (from:port) | Y | |
Request destination host (to:ipv4) | Y | |
Request destination port number (to:port) | Y | |
Log message size (Units: bytes) | 535 | |
Error accessing the OpenTP1 file system | Message ID (msgid) | KFCA33418-W |
Component (compid) | fil | |
Event type (ctgry) | ContentAccess | |
Event result (result) | Failure | |
Subject ID information (subj: (euid, pid)) | User name or ID of the process that requested access to the file | |
Object (obj) | Name of the OpenTP1 file (If the name of the OpenTP1 file system cannot be acquired, this item is not output.) |
|
Action information (op) | Refer/Add/Update/Delete | |
Object location information (objloc) | Name of the OpenTP1 file system (If the name of the OpenTP1 file system cannot be acquired, this item is not output.) |
|
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 345 + 2*a + b + c | |
Command execution | Message ID (msgid) | KFCA33419-I |
Component (compid) | cmd | |
Event type (ctgry) | Maintenance | |
Event result (result) | Success/Failure/Occurrence | |
Subject ID information (subj: (euid, pid)) | User name or ID of the user who executed the command. | |
Object (obj) | Command name | |
Action information (op) | Maintain | |
Object location information (objloc) | -- | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 306 + 2*(a + b) + CPARM | |
Startup of OpenTP1 service | Message ID (msgid) | KFCA33420-I |
Component (compid) | nts | |
Event type (ctgry) | StartStop | |
Event result (result) | Success | |
Subject ID information (subj: (euid, pid)) | Service logon account | |
Object (obj) | Service name (Windows service name) | |
Action information (op) | Start | |
Object location information (objloc) | -- | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 268 + 2*(a + b) | |
Remarks | Output only in the Windows version | |
Termination of OpenTP1 service | Message ID (msgid) | KFCA33421-I |
Component (compid) | nts | |
Event type (ctgry) | StartStop | |
Event result (result) | Success | |
Subject ID information (subj: (euid, pid)) | Service logon account | |
Object (obj) | Service name (Windows service name) | |
Action information (op) | Stop | |
Object location information (objloc) | -- | |
Request source host (from:ipv4) | -- | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 259 + 2*(a + b) | |
Log message size (Units: bytes) | Output only in the Windows version | |
User-specific information acquired from a UAP | Message ID (msgid) | KFCA34000-x to KFCA34999-x |
Component (compid) | User-specified value. (Output in the format *AA, where AA is the value specified by the audit log output API.) |
|
Event type (ctgry) | User-specified value | |
Event result (result) | Success/Failure/Occurrence | |
Subject ID information (subj: (euid, pid)) | User name or ID of the user server that called the audit log output API | |
Object (obj) | Service name | |
Action information (op) | User-specified value | |
Object location information (objloc) | User server name | |
Request source host (from:ipv4) | Y | |
Request source port number (from:port) | -- | |
Request destination host (to:ipv4) | -- | |
Request destination port number (to:port) | -- | |
Log message size (Units: bytes) | 290 + a + b + c + msg |
Variable | Description |
---|---|
a | The number of characters output as subject ID information |
b | The number of characters output as object information |
c | The number of characters output as object location information |
FSV | The number of characters in the name of the requesting service |
FSVG | The number of characters in the name of the service group that issued the request |
CPARM | The number of characters in the command parameters |
msg | The number of characters in the comment |
Equation = 290+2*a = 290+2*7 = 304 Chars in DCDIR = 12 Log size = 304 + 12= 316 |
All Rights Reserved. Copyright (C) 2006, 2010, Hitachi, Ltd.