12.4.5 Checking the operational status of the audit trail facility
The following explains how to check the operational status of the audit trail facility.
To check the operational status of the audit trail facility, you must execute the adbaudittrail command.
As either of the following HADB users, execute the adbaudittrail command with the -d option specified:
-
An HADB user who has the audit admin privilege
-
An HADB user who has the audit viewer privilege
- Note
-
For information about the adbaudittrail command, see adbaudittrail (Manage the Audit Trail Facility) in the manual HADB Command Reference.
When you execute the adbaudittrail command with the -d option specified, the command outputs the operational status of the audit trail facility.
- ■ Checking whether the audit trail facility is enabled
-
To find out whether the audit trail facility is enabled, check the value output for audit.
If the value output for audit is ACTIVE or ACTIVE(NO OUTPUT), the audit trail facility is enabled. A value of ACTIVE(NO OUTPUT) means that output of audit trails to the audit trail file is suspended.
If the value output for audit is INACTIVE, the audit trail facility is disabled.
- ■ Checking the processing method used when audit trail data cannot be written to the audit trail file
-
To find out the approach used when audit trails cannot be written to the audit trail file due to the disk being full or a disk failure, check the value output for write-error.
If the value output for write-error is DOWN, the HADB server is configured to terminate abnormally when an attempt to write to the audit trail file fails.
If the value output for write-error is FAILSOFT, the HADB server will continue to operate even if an attempt to write to the audit trail file fails.
- ■ Checking values specified in server definition entries related to the audit trail facility
-
To find out the values specified for server definition entries that relate to the audit trail facility, check the values output for the following items:
-
The value output for audit-directory-path is the directory specified for the adb_audit_log_path operand in the server definition. You can use this value to check the location of the audit trail directory.
-
The value output for audit-file-max-size is the value specified for the adb_audit_log_max_size operand in the server definition. This value represents the maximum size of an audit trail file.
-
The value output for audit-file-number is the value specified for the adb_audit_log_max_num operand in the server definition. This value represents the maximum number of generations of audit trail files.
-