12.8.1 Overview of linkage between the audit trail facility and JP1/Audit

This subsection provides information about the following three points as an overview of linkage between the audit trail facility and JP1/Audit:

System configuration example
Server configuration and prerequisite software programs
Notes on executing the adbconvertaudittrailfile command

Organization of this subsection

(1) System configuration example
(2) Server configuration and prerequisite software programs
(3) Notes on executing the adbconvertaudittrailfile command

(1) System configuration example

This subsection explains a system configuration for linking the audit trail facility with JP1/Audit.

The following figure shows an example of a system configuration for linking the audit trail facility with JP1/Audit.

Figure 12‒7: Example of a system configuration for linking the audit trail facility with JP1/Audit

Explanation

The system configuration example in this figure consists of two types of servers (a server for managing audit logs and servers from which audit logs are collected).

The server for managing audit logs collects audit trail information from the event databases of JP1/Base on the servers from which audit logs are collected. The server for managing audit logs then can centrally manage the collected information.

On one server from which audit logs are collected, the HADB server outputs audit trail information and converts the information by using the adbconvertaudittrailfile command. The converted audit trail information is collected into the event database of JP1/Base on the server from which audit logs are collected.

Note: The user who is appointed as an auditor can perform auditing by accessing the server for managing audit logs from a web browser.

To Page Top

(2) Server configuration and prerequisite software programs

This subsection explains a server configuration and prerequisite software programs for linking the audit trail facility with JP1/Audit.

■ Server configuration

As explained in (1) System configuration example, the following two types of servers are required to link the audit trail facility with JP1/Audit:

Server for managing audit logs

A server machine on which JP1/Audit and JP1/Base operate. This server collects audit trail information from servers from which audit logs are collected, and centrally manages the collected information.
Server from which audit logs are collected

A server machine on which the HADB server and JP1/Base operate. This server collects the HADB server's audit trail information converted by the adbconvertaudittrailfile command into the event database of JP1/Base.

Important: The HADB server and JP1/Audit support different OSs. Therefore, it is impossible to install JP1/Audit on a server machine on which the HADB server operates.

■ Prerequisite software programs

The following table lists the software programs that are prerequisite for linkage between the audit trail facility and JP1/Audit.

Table 12‒4: Software programs prerequisite for linkage between the audit trail facility and JP1/Audit
No.	Installation-target server	Prerequisite software program
1	Server for managing audit logs	JP1/Audit Management - Manager 11-00 or later
2	Server for managing audit logs	JP1/Base 11-10 or later
3	Server from which audit logs are collected	JP1/Base 11-10 or later

To Page Top

(3) Notes on executing the adbconvertaudittrailfile command

Note the following points when executing the adbconvertaudittrailfile commands:

Execute the adbconvertaudittrailfile command while audit logs are being monitored by JP1/Audit. If the adbconvertaudittrailfile command is executed while the audit logs are not being monitored, JP1/Audit does not collect the converted audit trail information.
The adbconvertaudittrailfile command can be executed only while the HADB server is operating. To prevent other users from using the HADB server while the adbconvertaudittrailfile command is being executed, change the HADB server operation mode to maintenance mode. After that, execute the adbconvertaudittrailfile command. For details about maintenance mode, see 10.2.3 HADB server operation modes.
The adbconvertaudittrailfile command cannot be executed for the current audit trail file. To convert the audit trail information in a file that is the current audit trail file, use the adbaudittrail --swap command to swap the current audit trail file. Then, execute the adbconvertaudittrailfile command for the renamed audit trail file. For details about swapping the current audit trail file, see 12.4.2 Swapping the current audit trail file.

Note

For details about the adbconvertaudittrailfile command, see adbconvertaudittrailfile (Convert the Audit Trail File) in the manual HADB Command Reference.
For details about the adbaudittrail command, see adbaudittrail (Manage the Audit Trail Facility) in the manual HADB Command Reference.

To Page Top