- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Writing to SECURITY.AUDIT$JOURNAL from DCL
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-18-2007 03:03 AM
тАО09-18-2007 03:03 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-18-2007 09:01 AM
тАО09-18-2007 09:01 AM
Re: Writing to SECURITY.AUDIT$JOURNAL from DCL
In a past life, I used $SNDJBCW( ...
SJC$_WRITE_ACCOUNTING ...) to write
user-specified data to the account[i]ng file,
but that was from a FORTRAN program, and I
don't see F$SNDJBCW() under "HELP Lexicals".
You might be able to trigger an auditable
event to get _something_ logged, but if
there's a way to write arbitrary data there,
it'd be news to me. (Of course, many things
are.)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-18-2007 09:15 AM
тАО09-18-2007 09:15 AM
Re: Writing to SECURITY.AUDIT$JOURNAL from DCL
A small program to do this would not be hard.
Purely Personal Opinion
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-18-2007 11:18 AM
тАО09-18-2007 11:18 AM
Re: Writing to SECURITY.AUDIT$JOURNAL from DCL
There's the brute-force approach of granting or revoking an specific identifier, deliberately tripping a security ACE on a specified object, or sending a mail message somewhere special.
Or write a little code (using the callable API), and invoke it from the DCL.
Some background on the particular task here?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-18-2007 11:36 AM
тАО09-18-2007 11:36 AM
SolutionSee $AUDIT_EVENT for the "right" way to do this.
As Ian suggested, you could write messages directly to the audit mailbox from DCL. See the docs for audit listener mailbox (Guide to OpenVMS System Security), I'm fairly sure the structure of the messages are the same.
If your objective is just to trigger recognisable event(s) in the audit journal, that's fairly easy to do. Just create yourself an empty file with a descriptive name and place an audit ACE on the file. For example:
$ CREATE AUDIT_EVENTS:DAVES_EVENT_1.AUD
$ SET SECURITY/ACL=(AUDIT=SECURITY,ACCESS=READ+SUCCESS+FAILURE) AUDIT_EVENTS:DAVES_EVENT_1.AUD
Now to trigger the even simply TYPE the file. You can then use ANALYZE/AUDIT commands to filter out your events by file name.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-22-2007 12:15 AM
тАО10-22-2007 12:15 AM
Re: Writing to SECURITY.AUDIT$JOURNAL from DCL
Dave