25.5.9 Using audit trail files

Executor: HiRDB administrator or auditor
When using the standby system switchover facility or the standby-less system switchover (1:1) facility:
The HiRDB administrator creates audit trail files on a shared disk. The HiRDB administrator and the auditor can use the audit trail files on the shared disk.
When using the standby-less system switchover (effects distributed) facility:
The HiRDB administrator creates audit trail files on a shared disk of the regular unit. During this process, the HiRDB administrator must select a destination disk that is different from the individual servers' shared disks (disks that store individual servers' system log files, synchronization point dump files, and server status files).
At the system switchover destination, the audit trail files of the accepting unit are shared.
The HiRDB administrator and the auditor can use the audit trail files of both the regular unit and the accepting unit.
Organization of this subsection
(1) Creating audit trail files
(2) Using audit trail files
(3) Collecting audit trails
(4) Executing the pdload command

(1) Creating audit trail files

(a) When using the standby system switchover facility or standby-less system switchover (1:1) facility

The HiRDB administrator creates audit trail files on a shared disk.

(b) When using the standby-less system switchover (effects distributed) facility

The HiRDB administrator creates audit trail files on a shared disk of the regular unit. During this process, the HiRDB administrator must select a destination disk that is different from the individual servers' shared disks (disks that store individual servers' system log files, synchronization point dump files, and server status files).

If audit trail files are created on a shared disk that corresponds to individual servers, the disk's host is switched when system switchover occurs. Consequently, other running servers within the unit can no longer output audit trails. At the system switchover destination, the audit trail files of the accepting unit are shared.

(2) Using audit trail files

(a) When using the standby system switchover facility or standby-less system switchover (1:1) facility

When system switchover occurs, HiRDB records monitored events in an audit trail file on the shared disk. For details about using audit trail files related to recording of monitored events, see 22.6 Operation of audit trail files.

(b) When using the standby-less system switchover (effects distributed) facility

When system switchover occurs, HiRDB records monitored events in the audit trail file being used by the accepting unit at the switching destination. In this case, operation of audit trail files related to monitored event records is managed centrally by the accepting unit.

For a system that uses the standby-less system switchover (effects distributed) facility, audit trails must be collected at all units.

(3) Collecting audit trails

(a) When using the standby system switchover facility or standby-less system switchover (1:1) facility

When system switchover occurs, how the audit trail collection status is inherited depends on whether or not the switched unit stops. If the system at the switching destination is restarted, the status before system switchover occurred is inherited. If the system at the switching destination is started normally, the specification in the pd_audit operand is used.

(b) When using the standby-less system switchover (effects distributed) facility

When system switchover occurs, whether an audit trail is collected depends on the accepting unit's status. Table 25-18 shows whether an audit trail is collected when the standby-less system switchover (effects distributed) facility is used.

Table 25-18 Collection of audit trails when the standby-less system switchover (effects distributed) facility is used

Unit typeUnit statusAccepting unit
CollectingNot collecting
Regular unitCollectingCollectsDoes not collect
Not collectingCollectsDoes not collect

Figure 25-43 shows an example of audit trail collection when the standby-less system switchover (effects distributed) facility is used.

Figure 25-43 Audit trail collection example when the standby-less system switchover (effects distributed) facility is used

[Figure]

(4) Executing the pdload command

(a) When using the standby system switchover facility or standby-less system switchover (1:1) facility

The auditor executes the pdload command using an audit trail file as the input information. However, if a factor such as an error caused system switchover, HiRDB will not have correctly collected the audited events that occurred immediately before the system switchover. For this reason, even if the pdload command is executed, it may not be possible to collect the data that existed immediately before system switchover.

(b) When using the standby-less system switchover (effects distributed) facility

The auditor executes the pdload command using the audit trail files of the regular unit and the accepting unit as the input information. The audit trails of a server that has been switched are processed as server information belonging to the accepting unit.

When a factor such as an error caused system switchover, HiRDB will not have correctly collected the audited events that occurred immediately before the system switchover. For this reason, even if the pdload command is executed, it may not be possible to collect the data that existed immediately before system switchover.

Operation during an error: When an error occurs, load the audit log as follows:
  1. At the running host, manually activate the disk storing the audit trail files collected before system switchover.
  2. Using the audit trail files of the regular unit and the accepting unit as the input information, execute the pdload command.

Operation after error recovery: Load the audit log using the same method as used before the error occurred.