OpenTP1 Version 7 Programming Reference COBOL Language
CBLDCADT('PRINT ') - Output audit log data
Format
PROCEDURE DIVISION specification
CALL 'CBLDCADT' USING unique-name-1 unique-name-2 unique-name-3 |
DATA DIVISION specification
01 unique-name-1. 02 data-name-A PIC X(8) VALUE 'PRINT '. 02 data-name-B PIC X(5). 02 FILLER PIC X(3). 02 data-name-Z PIC S9(9) COMP VALUE ZERO. 01 unique-name-2. 02 data-name-C PIC X(12). 02 data-name-D PIC X(3). 02 FILLER PIC X(1). 02 data-name-E PIC S9(9) COMP. 02 data-name-F PIC S9(9) COMP. 02 data-name-G PIC S9(9) COMP. 01 unique-name-3. 02 data-name-H PIC S9(9) COMP. 02 data-name-I PIC X(n). |
Description
CBLDCADT('PRINT ') outputs to the audit log file the following information items, in addition to the information specified as arguments: header information, serial number, date and time, relevant program name, relevant process ID, location, subject identification information, object information, object location information, request sender host, and location identification information. The relevant program is OpenTP1, which generates the audit log data. If an error occurs during output of audit log data, an error message is sent to the standard error output and syslog.
In OpenTP1, numbers from 34000 to 34999 are assigned for message IDs used by CBLDCADT('PRINT '). If you create a UAP, make sure that the message IDs output by the UAP are in the range from 34000 to 34999.
For details on the items output as audit log data, see the manual OpenTP1 Programming Guide.
Data areas whose values are set in the UAP
data-name-A
Specify VALUE 'PRINT' as the request code that indicates a request for outputting audit log data.
data-name-Z
Specify the value 0.
data-name-C
Specify the identifier of an audit log entry (message ID).
Specify the identifier in the format KFCAnnnnn-x (11 characters) and follow the identifier with a null character. For nnnnn, specify a five-digit serial number in the range from 34000 to 34999. For x, specify E, W, or I as the message type according to the type of information provided by the audit log entry to be output.
data-name-D
Specify any value that identifies the UAP that called the function CBLDCADT('PRINT ') (calling program ID). The value you set must be two numeric characters, alphabetic characters, or symbols followed by a null character. In the audit log, the format is *AA, with an asterisk (*) prefixed (AA: character string specified in data-name-D).
data-name-E
Specify one of the following numeric values as the audit event type to be included in the audit log data.
Audit event type | Value | Meaning |
---|---|---|
StartStop | 1000 | Audit event related to a start or stop operation |
Authentication | 1001 | Audit event related to identification or authentication |
AccessControl | 1002 | Audit event related to access control |
ConfigurationAccess | 1003 | Audit event related to the configuration definition |
Failure | 1004 | Audit event related to failures |
LinkStatus | 1005 | Audit event related to the linkage status |
ExternalService | 1006 | Audit event related to external services |
ContentAccess | 1007 | Audit event related to access to important information |
Maintenance | 1008 | Audit event related to maintenance |
AnomalyEvent | 1009 | Audit event related to anomalies |
ManagementAction | 1010 | Audit event related to management operation |
For details on audit event types, see the manual OpenTP1 Operation.
data-name-F
Specify one of the following values as the audit event result to be included in the audit log data:
Audit event result | Value | Meaning |
---|---|---|
Success | 2000 | Successful event |
Failure | 2001 | Failed event |
Occurrence | 2002 | Event that cannot be categorized as success or failure |
data-name-G
Specify the value to be included as operation information in the audit log data. Make sure that you specify one of the following reserved words according to the audit event type specified by data-name-E. If you specify the value 0, this item will not be included in the audit log data.
Table 2-1 Correspondence between audit event types and reserved words
Audit event type | Reserved word | Value | Meaning |
---|---|---|---|
StartStop (start or stop operation) | Start | 3000 | Start or activation |
Stop | 3001 | Termination or stop | |
Authentication (identification or authentication) | Login | 3002 | Login |
Logout | 3003 | Logout | |
Logon | 3004 | Logon | |
Logoff | 3005 | Logoff | |
Disable | 3006 | Account disabled | |
AccessControl (access control) | Enforce | 3007 | Enforcement |
ConfigurationAccess (configuration definition) | Refer | 3008 | Reference |
Add | 3009 | Addition | |
Update | 3010 | Updating | |
Delete | 3011 | Deletion | |
Failure (failures) | Occur | 3012 | Occurrence |
LinkStatus (linkage status) | Up | 3013 | Linkage active |
Down | 3014 | Linkage inactive | |
ExternalService (external services) | Request | 3015 | Request |
Response | 3016 | Response | |
Send | 3017 | Sending | |
Receive | 3018 | Receiving | |
ContentAccess (access to important information) | Refer | 3008 | Reference |
Add | 3009 | Addition | |
Update | 3010 | Updating | |
Delete | 3011 | Deletion | |
Maintenance (maintenance) | Install | 3019 | Installation |
Uninstall | 3020 | Uninstallation | |
Update | 3010 | Updating | |
Backup | 3021 | Backup | |
Maintain | 3022 | Maintenance work | |
AnomalyEvent (anomalies) | Occur | 3012 | Occurrence |
ManagementAction (management operation) | Invoke | 3023 | Invocation (the administrator) |
Notify | 3024 | Notification (the administrator) |
data-name-H
Specify the length of the character string to be included as the freely specified description in the audit log data. If you specify the value 0, this item will not be included in the audit log data.
data-name-I
Set the freely specified description to be included in the audit log data.
You can use numeric characters, alphabetic characters, symbols, spaces, double quotation marks ("), and commas (,). The description can have a maximum of 1024 characters.
The description specified in data-name-I is enclosed in double quotation marks ("). If a double quotation mark (") is included in the description, the double quotation mark is prefixed by another double quotation mark.
Data areas whose values are set in OpenTP1
data-name-B
A five-digit number is returned as the status code.
Status code
Status code | Meaning |
---|---|
00001 | Output of audit log data has been disabled. Possible causes are as follows:
|
The message ID specified in data-name-C has not been specified in the log_audit_message operand in the log service definition. | |
An invalid message has been specified. | |
00000 | The function terminated normally. |
01900 | The value specified in a data area is incorrect. |
01904 | Definition analysis failed. |
01999 | The dc_rpc_open function was not issued. |
01997 | An error other than the above occurred. |
All Rights Reserved. Copyright (C) 2006, 2010, Hitachi, Ltd.