- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Log Files for login procedure
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-12-2008 04:46 AM
тАО08-12-2008 04:46 AM
Log Files for login procedure
Thanks in advance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-12-2008 04:53 AM
тАО08-12-2008 04:53 AM
Re: Log Files for login procedure
$ set watch file/class=all
--> very cryptic, all file accesses
2. Image accouting
$ set acc/ena=image
--> all images executed, not all file used
3. Audit
$ set audit/aud/enable=access=all
--> all file accesses of ALL processes, lots of lines and dangerous for performance. Good if directly disable after a few seconds.
Wim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-12-2008 04:55 AM
тАО08-12-2008 04:55 AM
Re: Log Files for login procedure
1. log is in sys$output
2. log via accouting/fu [acc filename]
3. log via anal/aud/fu [aud file name]
Wim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-12-2008 05:45 AM
тАО08-12-2008 05:45 AM
Re: Log Files for login procedure
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-12-2008 05:45 AM
тАО08-12-2008 05:45 AM
Re: Log Files for login procedure
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-12-2008 05:47 AM
тАО08-12-2008 05:47 AM
Re: Log Files for login procedure
$ sh log sylogin
%SHOW-S-NOTRAN, no translation for logical name SYLOGIN
$
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-12-2008 05:50 AM
тАО08-12-2008 05:50 AM
Re: Log Files for login procedure
But reset audit back to its original values asap after the test.
Wim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-12-2008 06:07 AM
тАО08-12-2008 06:07 AM
Re: Log Files for login procedure
Post show audit/all if you don't know how to do it in detail.
Wim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-12-2008 06:37 AM
тАО08-12-2008 06:37 AM
Re: Log Files for login procedure
List of audit journals:
Journal name: SECURITY
Journal owner: (system audit journal)
Destination: SYS$COMMON:[SYSMGR]SECURITY.AUDIT$JOURNAL
Monitoring: enabled
Warning thresholds, Block count: 100 Duration: 2 00:00:00.0
Action thresholds, Block count: 25 Duration: 0 00:30:00.0
Security auditing server characteristics:
Database version: 4.4
Backlog (total): 100, 200, 300
Backlog (process): 5, 2
Server processing intervals:
Archive flush: 0 00:01:00.00
Journal flush: 0 00:05:00.00
Resource scan: 0 00:05:00.00
Final resource action: purge oldest audit events
Security archiving information:
Archiving events: none
Archive destination:
System security alarms currently enabled for:
ACL
Authorization
Audit: illformed
Breakin: dialup,local,remote,network,detached,server
Login: batch,dialup
Logfailure: batch,dialup,local,remote,network,subprocess,detached
Logout: batch,dialup
System security audits currently enabled for:
ACL
Authorization
Audit: illformed
Breakin: dialup,local,remote,network,detached,server
Login: batch,dialup
Logfailure: batch,dialup,local,remote,network,subprocess,detached
Logout: batch,dialup
$
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-12-2008 06:47 AM
тАО08-12-2008 06:47 AM
Re: Log Files for login procedure
2) do your test (create the process)
3) set aud/aud/disa=access=all
4) wait 5 minutes to flush the audit buffers
5) anal/aud/fu/select=proc=id=xxx/out=x.lis -
SYS$COMMON:[SYSMGR]SECURITY.AUDIT$JOURNAL
(untested !)
xxx is the pid ofyour process. Alternative is /sel=proc=nam=yyy where yyy is the process name.
Wim