Hitachi

JP1 Version 12 JP1/IT Desktop Management 2 Distribution Function Administration Guide

B.3 Output format of audit log information

The following describes the output format, output destination, and output items of an audit log entry. Also shown is an example of audit log output.

Organization of this subsection

(1) Audit log output format

An audit log entry consists of the string CALFHM indicating the information is formatted as an audit log, followed by the revision number of the audit log, and finally the relevant output items.

The following figure shows the output format of audit log information.

Figure B‒1: Audit log output format

[Figure]

To Page Top

(2) Audit log output destination

Audit log information is output to the following directory:

Audit log output destination:

JP1/IT-Desktop-Management 2 - Manager-installation-directory\mgr\log

To Page Top

(3) Output items

The items in an audit log fall into the following two categories:

(a) Common output items

The following table lists the values output as common output items, and describes each item.

Table B‒2: Common output items in audit logs

No.

Output item

Value

Description

Item name

Output attribute name

1

Common specification identifier

--

CALFHM

An ID indicating that the information is formatted as an audit log.

2

Common specification revision number

--

1.0

The revision number used to manage the audit log.

3

Sequence number

seqnum

sequence-number

The sequence number of the audit log entry.

4

Message ID

msgid

message-ID

The message ID of the product.

5

Date and time

date

YYYY-MM-DDThh:mm:ss.sssTZD#

The date and time at which the audit log was acquired, and the time zone.

6

Generated program name

progid

JP1ITDM2

The name of the program that generated the event.

7

Generated component name

compid

DistributionManager

The following commands and functions can generate audit log entries:

Menu items in the JP1_IT Desktop Management 2 - Manager or JP1_IT Desktop Management 2 - Agent folder:

  • Remote Install Manager

  • Unarchiver

  • Packager

Commands:

  • Dcmcoll

    Collect files

  • Dcmgpmnt

    Apply policies to host groups as a batch

  • Dcminst

    Create and execute jobs

  • Dcmjbrm

    Delete jobs

  • Dcmjexe

    Execute a job

  • Dcmpack

    Execute packaging

  • Dcmpkget

    Back up a package

  • Dcmpkput

    Restore packages from a backup

  • Dcmpkrm

    Delete a package

  • Dcmrmgen

    Delete a job definition

  • Dcmrtry

    Re-execute a job

  • Dcmstat

    Acquire the execution status of a job

  • Dcmstsw

    Monitor the execution status of a job

  • Dcmsusp

    Suspend and resume file transfer

The name of the function that generated the event.

8

Generated process ID

pid

process-ID

The ID of the process where the event occurred.

9

Generated location

ocp:host

host-name

The host name of the host where the event occurred.

If the host name could not be acquired, a hyphen (-) is output.

10

Event type

ctgry

  • StartStop

  • Authentication

  • ContentAccess

The category to which the event output to the audit log belongs.

11

Event result

result

  • Success

    The event was successful

  • Failure

    The event was a failure

  • Occurrence

    An event occurred (other than success or failure)

The result of the event.

12

Subject identification information

subj:uid

The user account or Administrator

Information about the user associated with the event.

subj:pid

process-ID

Information about the process that caused the event
Legend:

--: No attribute name is output.

#

YYYY represents the year, MM the month, DD the day, hh the hour, mm the minutes, ss the seconds, and sss the milliseconds.

T is the delimiter between the date and time.

TZD specifies the time zone. One of the following is output:

+hh:mm: Indicates a time zone hh:mm ahead of UTC.

-hh:mm: Indicates a time zone hh:mm behind UTC.

Z: Indicates a time zone equivalent to UTC.

(b) Fixed output items

The following table lists the values output as fixed output items, and describes each item.

Table B‒3: Fixed output items in audit logs

No.

Output item

Value

Description

Item name

Output attribute name

1

Action information

op

  • Regist

    Package registration

  • Execute

    Execution of an Install package job or Send package, allow client users to choose job

Information about the user operation that caused the event to occur.

Information is not output for operations that do not correspond to these values.

2

Free description

msg

Any message

A message describing the event.

To Page Top

(4) Example of audit log output

The following shows an example of the audit log data output in the process of starting Remote Install Manager in JP1/IT Desktop Management 2 - Manager and creating a host.

In this example, a host was created by the following procedure:

  1. Start Remote Install Manager.

  2. Perform user authentication.

  3. Execute a job to create a new host.

  4. Exit Remote Install Manager.

The audit log data output during this process is as follows:

Figure B‒2: Audit log data

[Figure]

To Page Top

Copyright (C) 2019, 2022, Hitachi, Ltd.

Copyright (C) 2019, 2022, Hitachi Solutions, Ltd.

Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated.