CBLDCADT('PRINT ') - Output audit log data

Format

PROCEDURE DIVISION specification

CALL 'CBLDCADT' USING unique-name-1 unique-name-2 unique-name-3

DATA DIVISION specification

01 unique-name-1.
  02 data-name-A  PIC X(8) VALUE 'PRINT   '.
  02 data-name-B  PIC X(5).
  02 FILLER    PIC X(3).
  02 data-name-Z  PIC S9(9) COMP VALUE ZERO.
01 unique-name-2.
  02 data-name-C  PIC X(12).
  02 data-name-D  PIC X(3).
  02 FILLER    PIC X(1).
  02 data-name-E  PIC S9(9) COMP.
  02 data-name-F  PIC S9(9) COMP.
  02 data-name-G  PIC S9(9) COMP.
01 unique-name-3.
  02 data-name-H  PIC S9(9) COMP.
  02 data-name-I  PIC X(n).

Description

CBLDCADT('PRINT ') outputs to the audit log file the following information items, in addition to the information specified as arguments: header information, serial number, date and time, relevant program name, relevant process ID, location, subject identification information, object information, object location information, request sender host, and location identification information. The relevant program is OpenTP1, which generates the audit log data. If an error occurs during output of audit log data, an error message is sent to the standard error output and syslog.

In OpenTP1, numbers from 34000 to 34999 are assigned for message IDs used by CBLDCADT('PRINT '). If you create a UAP, make sure that the message IDs output by the UAP are in the range from 34000 to 34999.

For details on the items output as audit log data, see the manual OpenTP1 Programming Guide.

Data areas whose values are set in the UAP

data-name-A

Specify VALUE 'PRINT[Figure]' as the request code that indicates a request for outputting audit log data.

data-name-Z

Specify the value 0.

data-name-C

Specify the identifier of an audit log entry (message ID).

Specify the identifier in the format KFCAnnnnn-x (11 characters) and follow the identifier with a null character. For nnnnn, specify a five-digit serial number in the range from 34000 to 34999. For x, specify E, W, or I as the message type according to the type of information provided by the audit log entry to be output.

data-name-D

Specify any value that identifies the UAP that called the function CBLDCADT('PRINT ') (calling program ID). The value you set must be two numeric characters, alphabetic characters, or symbols followed by a null character. In the audit log, the format is *AA, with an asterisk (*) prefixed (AA: character string specified in data-name-D).

data-name-E

Specify one of the following numeric values as the audit event type to be included in the audit log data.

Audit event typeValueMeaning
StartStop1000Audit event related to a start or stop operation
Authentication1001Audit event related to identification or authentication
AccessControl1002Audit event related to access control
ConfigurationAccess1003Audit event related to the configuration definition
Failure1004Audit event related to failures
LinkStatus1005Audit event related to the linkage status
ExternalService1006Audit event related to external services
ContentAccess1007Audit event related to access to important information
Maintenance1008Audit event related to maintenance
AnomalyEvent1009Audit event related to anomalies
ManagementAction1010Audit event related to management operation

For details on audit event types, see the manual OpenTP1 Operation.

data-name-F

Specify one of the following values as the audit event result to be included in the audit log data:

Audit event resultValueMeaning
Success2000Successful event
Failure2001Failed event
Occurrence2002Event that cannot be categorized as success or failure

data-name-G

Specify the value to be included as operation information in the audit log data. Make sure that you specify one of the following reserved words according to the audit event type specified by data-name-E. If you specify the value 0, this item will not be included in the audit log data.

Table 2-1 Correspondence between audit event types and reserved words

Audit event typeReserved wordValueMeaning
StartStop (start or stop operation)Start3000Start or activation
Stop3001Termination or stop
Authentication (identification or authentication)Login3002Login
Logout3003Logout
Logon3004Logon
Logoff3005Logoff
Disable3006Account disabled
AccessControl (access control)Enforce3007Enforcement
ConfigurationAccess (configuration definition)Refer3008Reference
Add3009Addition
Update3010Updating
Delete3011Deletion
Failure (failures)Occur3012Occurrence
LinkStatus (linkage status)Up3013Linkage active
Down3014Linkage inactive
ExternalService (external services)Request3015Request
Response3016Response
Send3017Sending
Receive3018Receiving
ContentAccess (access to important information)Refer3008Reference
Add3009Addition
Update3010Updating
Delete3011Deletion
Maintenance (maintenance)Install3019Installation
Uninstall3020Uninstallation
Update3010Updating
Backup3021Backup
Maintain3022Maintenance work
AnomalyEvent (anomalies)Occur3012Occurrence
ManagementAction (management operation)Invoke3023Invocation (the administrator)
Notify3024Notification (the administrator)

data-name-H

Specify the length of the character string to be included as the freely specified description in the audit log data. If you specify the value 0, this item will not be included in the audit log data.

data-name-I

Set the freely specified description to be included in the audit log data.

You can use numeric characters, alphabetic characters, symbols, spaces, double quotation marks ("), and commas (,). The description can have a maximum of 1024 characters.

The description specified in data-name-I is enclosed in double quotation marks ("). If a double quotation mark (") is included in the description, the double quotation mark is prefixed by another double quotation mark.

Data areas whose values are set in OpenTP1

data-name-B

A five-digit number is returned as the status code.

Status code

Status codeMeaning
00001Output of audit log data has been disabled. Possible causes are as follows:
  • The log_audit_out operand in the log service definition has been set to N or has not been specified.
  • The log_audit_suppress operand has been set to Y in the log service definition.
The message ID specified in data-name-C has not been specified in the log_audit_message operand in the log service definition.
An invalid message has been specified.
00000The function terminated normally.
01900The value specified in a data area is incorrect.
01904Definition analysis failed.
01999The dc_rpc_open function was not issued.
01997An error other than the above occurred.