Table 22-10 lists the operands that can be specified for using the security audit facility.
Table 22-10 Operands specified for using the security audit facility
Operand | Explanation |
---|---|
pd_audit | Specifies whether or not collection of an audit trail is to start from the time HiRDB starts: Y: Collect an audit trail from the time of HiRDB startup. N: Do not start collecting an audit trail at the time HiRDB starts. Even if N is specified in this operand, an audit trail can be collected by executing the pdaudbegin command. If Y is specified in the pd_audit operand, or if the pdaudbegin command is executed, audit trails for the following events are collected unconditionally:
|
pd_aud_file_name | Specifies the HiRDB file system area to be used for the audit trail files. HiRDB creates the audit trail files in this HiRDB file system area. This operand must be specified when the security audit facility is used. If it is not specified, the security audit facility cannot be used. When this operand is specified, HiRDB will not start if an access error occurs in the HiRDB file system area for the audit trail files during startup of HiRDB (or unit for a HiRDB/Parallel Server). |
pd_aud_max_generation_size | Specifies the maximum size of an audit trail file. |
pd_aud_max_generation_num* | Specifies the maximum number of audit trail file generations to be created in the HiRDB file system area for audit trail files. |
pd_aud_no_standby_file_opr | Specifies the processing when there are no available swappable audit trail files: down: When there is one or fewer swappable audit trail files available, HiRDB (or unit for a HiRDB/Parallel Server) is to be terminated forcibly. forcewrite (default): When there are no swappable audit trail files available, a data load waiting audit trail file (excluding files in shutdown status) is to be forcibly made the swap target so that audit trail output will continue. For details about the status of audit trail files, see 22.6 Operation of audit trail files. |
pd_aud_async_buff_size | Specifies the buffer length to be used when the audit trail is output asynchronously. |
pd_aud_async_buff_count | Specifies the number of buffers to be used when the audit trail is output asynchronously. |
pd_aud_async_buff_retry_intvl | Specifies the interval at which buffer monitoring is to be retried until an unused buffer is allocated when all the buffers used for asynchronous output of an audit trail are in use. |
pd_aud_file_wrn_pnt | Specifies that a warning message is to be output when the number of unswappable audit trail files reaches a warning level. Specify for the warning value a value that is less than the maximum number of audit trail file generations specified in the pd_aud_max_generation_num operand. |
Figure 22-4 Recommended relationship between the value of pd_aud_max_generation_num and the -l option