16.25.3 Linkage with JP1/Audit Management - Manager (when the multi-node function is being used)
To collect and centrally manage audit trails by linking with JP1/Audit, use the adbconvertaudittrailfile command to convert audit trails, and then output the conversion results to a common format audit trail file. For details about conversion of audit trail information, see 2.18.9 Conversion of audit trail information (linkage with JP1/Audit Management - Manager).
The adbconvertaudittrailfile command can be executed on the master node or slave node. You do not need to execute the adbconvertaudittrailfile command on the node that output the audit trail file. Therefore, the following two operation methods can be used:
-
Operation method in which the master node and slave node output and convert (by using the adbconvertaudittrailfile command) audit trail files individually
-
Operation method in which the master node uses the adbconvertaudittrailfile command to convert all audit trail files
Whichever operation method you use, you can check the same information with JP1/Audit. Note that you must create the output-directory for common format audit trails on a node-local file system.
The following provides notes on using each operation method.
- ■ If the master node and slave node output and convert audit trail files individually (by using the adbconvertaudittrailfile command)
-
Specify the environment settings of JP1/Audit on all nodes on which the adbconvertaudittrailfile command is executed.
For details about the environment settings of JP1/Audit, see (2) Environment settings for JP1/Audit in 12.8.3 Environment settings for linking the audit trail facility with JP1/Audit. For details about the adbconvertaudittrailfile command, see adbconvertaudittrailfile (Convert the Audit Trail File) in the manual HADB Command Reference.
You do not need to set up JP1/Base in a cluster environment.
- Important
-
Create the output-directory for common format audit trails on each node. If multiple nodes simultaneously attempt to output common format audit trail files to the same directory, these files are not correctly output.
The following shows an example of the operation procedure:
-
On each node, after an audit trail file has been output to the audit trail directory, use the adbconvertaudittrailfile command to convert the file to a common format audit trail file.
-
When step 1 finishes, move the audit trail files from the audit trail directories of all nodes to the audit trail storage directory that is shared by all nodes.
- ■ If the master node uses the adbconvertaudittrailfile command to convert all audit trail files
-
Specify the environment settings of JP1/Audit on the master node on which the adbconvertaudittrailfile command is executed.
When the master node is switched, if you want the adbconvertaudittrailfile command to be executed on the new master node, specify the environment settings of JP1/Audit on all nodes. In this case, you do not need to set up JP1/Base in a cluster environment.
For details about the environment settings of JP1/Audit, see (2) Environment settings for JP1/Audit in 12.8.3 Environment settings for linking the audit trail facility with JP1/Audit. For details about the adbconvertaudittrailfile command, see adbconvertaudittrailfile (Convert the Audit Trail File) in the manual HADB Command Reference.
The following shows an example of the operation procedure:
-
On each node, move the audit trail file from the audit trail directory to the audit trail storage directory that is shared by all nodes.
-
After the audit trail files have been moved to the audit trail storage directory, on the master node, execute the adbconvertaudittrailfile command to convert those files into common format audit trail files.
-