22.5.1 Actions performed by the HiRDB administrator

Organization of this subsection
(1) Collect an audit trail
(2) Delete audit trail files
(3) Manipulate the RDAREA that stores the audit trail table
(4) Create an HiRDB file system area for the audit trail files

(1) Collect an audit trail

The HiRDB administrator uses one of the following methods to collect an audit trail:

To stop collection of the audit trail, execute the pdaudend command. Only the HiRDB administrator can execute this command. The auditor cannot use this command.

Reference note
  • If HiRDB is restarted, the previous operating status is inherited. If an audit trail was being collected, it will be collected after restart; if an audit trail was not being collected, it will not be collected after restart.
  • If HiRDB undergoes a normal startup, then rather than the previous operating status, the specification of the pd_audit operand takes precedence. Even if an audit trail was being collected, if pd_audit=N is specified, no audit trail will be collected after a normal startup. If an audit trail was not being collected but pd_audit=Y is specified, an audit trail will be collected after the normal startup.

(2) Delete audit trail files

Audit trail files can be deleted with the pdaudrm command. Only the HiRDB administrator can use this command. The auditor cannot use this command.

(3) Manipulate the RDAREA that stores the audit trail table

The HiRDB administrator manipulates the RDAREA that stores the audit trail table. For example, the HiRDB administrator can perform the following actions:

* This is performed when the RDAREA that stores the audit trail table is modified. For example, the HiRDB administrator can remove usage privileges for the RDAREA before it is modified, and grant an auditor usage privileges for the RDAREA after it is modified.

(4) Create an HiRDB file system area for the audit trail files

The HiRDB administrator manipulates the HiRDB file system area for the audit trail files. For example, the HiRDB administrator performs the following actions:

* HiRDB does not output this event as part of the audit trail. Use the OS's audit facility to audit this event.