OpenTP1 Version 7 Programming Reference COBOL Language

[Contents][Index][Back][Next]

CBLDCADT('PRINT ') - Output audit log data

Format

PROCEDURE DIVISION specification

CALL 'CBLDCADT' USING unique-name-1 unique-name-2 unique-name-3

DATA DIVISION specification

01 unique-name-1.
   02 data-name-A  PIC X(8) VALUE 'PRINT   '.
   02 data-name-B  PIC X(5).
   02 FILLER    PIC X(3).
   02 data-name-Z  PIC S9(9) COMP VALUE ZERO.
01 unique-name-2.
   02 data-name-C  PIC X(12).
   02 data-name-D  PIC X(3).
   02 FILLER    PIC X(1).
   02 data-name-E  PIC S9(9) COMP.
   02 data-name-F  PIC S9(9) COMP.
   02 data-name-G  PIC S9(9) COMP.
01 unique-name-3.
   02 data-name-H  PIC S9(9) COMP.
   02 data-name-I  PIC X(n).

Description

CBLDCADT('PRINT ') outputs to the audit log file the following information items, in addition to the information specified as arguments: header information, serial number, date and time, relevant program name, relevant process ID, location, subject identification information, object information, object location information, request sender host, and location identification information. The relevant program is OpenTP1, which generates the audit log data. If an error occurs during output of audit log data, an error message is sent to the standard error output and syslog.

In OpenTP1, numbers from 34000 to 34999 are assigned for message IDs used by CBLDCADT('PRINT '). If you create a UAP, make sure that the message IDs output by the UAP are in the range from 34000 to 34999.

For details on the items output as audit log data, see the manual OpenTP1 Programming Guide.

Data areas whose values are set in the UAP

data-name-A

Specify VALUE 'PRINT[Figure]' as the request code that indicates a request for outputting audit log data.

data-name-Z

Specify the value 0.

data-name-C

Specify the identifier of an audit log entry (message ID).

Specify the identifier in the format KFCAnnnnn-x (11 characters) and follow the identifier with a null character. For nnnnn, specify a five-digit serial number in the range from 34000 to 34999. For x, specify E, W, or I as the message type according to the type of information provided by the audit log entry to be output.

data-name-D

Specify any value that identifies the UAP that called the function CBLDCADT('PRINT ') (calling program ID). The value you set must be two numeric characters, alphabetic characters, or symbols followed by a null character. In the audit log, the format is *AA, with an asterisk (*) prefixed (AA: character string specified in data-name-D).

data-name-E

Specify one of the following numeric values as the audit event type to be included in the audit log data.

Audit event type Value Meaning
StartStop 1000 Audit event related to a start or stop operation
Authentication 1001 Audit event related to identification or authentication
AccessControl 1002 Audit event related to access control
ConfigurationAccess 1003 Audit event related to the configuration definition
Failure 1004 Audit event related to failures
LinkStatus 1005 Audit event related to the linkage status
ExternalService 1006 Audit event related to external services
ContentAccess 1007 Audit event related to access to important information
Maintenance 1008 Audit event related to maintenance
AnomalyEvent 1009 Audit event related to anomalies
ManagementAction 1010 Audit event related to management operation

For details on audit event types, see the manual OpenTP1 Operation.

data-name-F

Specify one of the following values as the audit event result to be included in the audit log data:

Audit event result Value Meaning
Success 2000 Successful event
Failure 2001 Failed event
Occurrence 2002 Event that cannot be categorized as success or failure

data-name-G

Specify the value to be included as operation information in the audit log data. Make sure that you specify one of the following reserved words according to the audit event type specified by data-name-E. If you specify the value 0, this item will not be included in the audit log data.

Table 2-1 Correspondence between audit event types and reserved words

Audit event type Reserved word Value Meaning
StartStop (start or stop operation) Start 3000 Start or activation
Stop 3001 Termination or stop
Authentication (identification or authentication) Login 3002 Login
Logout 3003 Logout
Logon 3004 Logon
Logoff 3005 Logoff
Disable 3006 Account disabled
AccessControl (access control) Enforce 3007 Enforcement
ConfigurationAccess (configuration definition) Refer 3008 Reference
Add 3009 Addition
Update 3010 Updating
Delete 3011 Deletion
Failure (failures) Occur 3012 Occurrence
LinkStatus (linkage status) Up 3013 Linkage active
Down 3014 Linkage inactive
ExternalService (external services) Request 3015 Request
Response 3016 Response
Send 3017 Sending
Receive 3018 Receiving
ContentAccess (access to important information) Refer 3008 Reference
Add 3009 Addition
Update 3010 Updating
Delete 3011 Deletion
Maintenance (maintenance) Install 3019 Installation
Uninstall 3020 Uninstallation
Update 3010 Updating
Backup 3021 Backup
Maintain 3022 Maintenance work
AnomalyEvent (anomalies) Occur 3012 Occurrence
ManagementAction (management operation) Invoke 3023 Invocation (the administrator)
Notify 3024 Notification (the administrator)

data-name-H

Specify the length of the character string to be included as the freely specified description in the audit log data. If you specify the value 0, this item will not be included in the audit log data.

data-name-I

Set the freely specified description to be included in the audit log data.

You can use numeric characters, alphabetic characters, symbols, spaces, double quotation marks ("), and commas (,). The description can have a maximum of 1024 characters.

The description specified in data-name-I is enclosed in double quotation marks ("). If a double quotation mark (") is included in the description, the double quotation mark is prefixed by another double quotation mark.

Data areas whose values are set in OpenTP1

data-name-B

A five-digit number is returned as the status code.

Status code

Status code Meaning
00001 Output of audit log data has been disabled. Possible causes are as follows:
  • The log_audit_out operand in the log service definition has been set to N or has not been specified.
  • The log_audit_suppress operand has been set to Y in the log service definition.
The message ID specified in data-name-C has not been specified in the log_audit_message operand in the log service definition.
An invalid message has been specified.
00000 The function terminated normally.
01900 The value specified in a data area is incorrect.
01904 Definition analysis failed.
01999 The dc_rpc_open function was not issued.
01997 An error other than the above occurred.