Job Management Partner 1/Asset Information Manager Planning and Setup Guide

[Contents][Glossary][Index][Back][Next]

Appendix G.3 Audit log output format

This appendix explains the output format and output destination of audit logs, and the items that are output in audit logs. It also provides an audit log output example.

Organization of this subsection
(1) Audit log output format
(2) Audit log output destination
(3) Items output in audit logs
(4) Audit log output example

(1) Audit log output format

An audit log is output as CALFHM, which indicates the audit log format, followed by an audit log revision number and the applicable output item.

The following figure shows the audit log format.

Figure G-1 Audit log output format

[Figure]

(2) Audit log output destination

Audit logs are output to the folder that was specified for Audit log entry output folder in the Server Setup dialog box. The default folder is the following:

Asset-Information-Manager-installation-folder\auditlog

For details about how to specify the audit log output destination in the Server Setup dialog box, see the explanation of the audit log entry output folder in 5.3.4 Setting Basic Information.

(3) Items output in audit logs

There are two types of items that are output in audit logs: common output items and fixed output items. Each type is explained below.

(a) Common output items

The following table shows the values that are output for the common output items and their description.

Table G-2 Common output items in audit logs

No. Output item Value Description
Item name Output attribute name
1 Common specification identifier -- CALFHM Identifier that indicates the audit log format
2 Common specification revision number -- X.X Revision number for managing audit logs
3 Sequence number seqnum Sequence number Audit log sequence number
4 Message ID msgid KDAMxxxx-x Message ID for each product
5 Date/time date YYYY-MM-DDThh:mm:ss.sssTZD# Audit log acquisition date/time and time zone
6 Generated program name progid jp1netmaim Name of the program in which the event occurred
7 Generated component name compid
  • stu
    Server setup component
  • w3c
    Asset Information Manager's job component that is executed on ISS by a browser or other product-related program
 Name of the component in which the event occurred
8 Generate process ID pid Process ID ID of the process in which the event occurred
9 Generated location ocp:host Host name Name of the host in which the event occurred
If the host name cannot be acquired, no value is displayed.
10 Event type ctgry
  • ConfigurationAccess
  • Authentication
  • ContentAccess
 Identifiers for classifying the events that are output to audit logs
11 Event result result
  • Success
    Success
  • Failure
    Failure
  • Occurrence
    Occurrence of an event that does not have success or failure classification
 Result of the event that occurred
12 Subject identification information subj:euid Windows account Information about the user who caused the event
subj:uid Asset Information Manager user ID

Legend:
--: Attribute name is not output.

#
YYYY indicates the year; MM, the month; DD, the day; hh, the hour; mm, the minute; ss, the second; and sss, the millisecond.
T separates the date from the time.
TZD is the time zone identifier. One of the following is output:
+hh:mm: Indicates that the local time is ahead of GMT by hh:mm.
-hh:mm: Indicates that the local time is behind GMT by hh:mm.
Z: Indicates that the local time is the same as GMT.

(b) Fixed output items

The following table shows the values that are output for the fixed output items and their description.

Table G-3 Fixed output items in audit logs

No. Output item Value Description
Item name Output attribute name
1 Object information obj
  • aimJOB
    Setup (batch system)
  • aimAuth
    Authentication (login)
  • aimClass
    Asset Information Manager's job processing
 Information about the file or database that caused the event
2 Action information op#
  • Login
    Login
  • Logout
    Logout
  • Add
    Addition
  • Update
    Update
  • Delete
    Deletion
 Information about the user operation that caused the event
3 Table name obj:table#
  • Device
  • Software
  • Group
  • User
  • Location
  • Software name
  • License name
  • Installed software name
  • Role
  • Managed items
  • Customize Job Windows
  • Customize Job Menu
  • Assign Inventory
 Managed class name
4 Free description msg# Arbitrary message Message indicating the event contents

#
For details about the messages that are output and the related items that are set in correspondence to these messages, see G.4 Audit log messages and related output items.

(4) Audit log output example

The following example shows the audit log output when a user logs in to Asset Information Manager and executes server setup.

The following operations are executed in this case:

  1. Executing server setup.
  2. Logging in to Asset Information Manager.
  3. Registering device information.
  4. Logging out of Asset Information Manager.

The following figure shows an example of the audit log output.

Figure G-2 Example of audit log output

[Figure]

[Contents][Back][Next]

[Trademarks]

All Rights Reserved. Copyright (C) 2009, 2011, Hitachi, Ltd.