- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- OpenVMS Audit logs
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-06-2022 12:31 PM
04-06-2022 12:31 PM
OpenVMS Audit logs
how does everyone open a new Security audit journal ? do you have a batch job do it? I'd like to close out on a weekly basis. also has anyone had any luck moving the old audit journals to a splunk server?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-06-2022 01:32 PM
04-06-2022 01:32 PM
Query: OpenVMS Audit logs
System recommended content:
1. HPE SSMC 3.8.x User Guide | File access audit logs
Please click on "Thumbs Up/Kudo" icon to give a "Kudo".
Thank you for being a HPE valuable community member.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-06-2022 02:40 PM
04-06-2022 02:40 PM
Re: OpenVMS Audit logs
> how does everyone open a new Security audit journal ? [...]
I can't speak for everyone. I have a DCL script which I try to
remember to use annually.
> [...] do you have a batch job do it? [...]
I do it manually, in case my (not-well-tested) procedure does
something unexpected.
Use/examine at your own risk:
$! 2014-01-02 SMS.
$!
$! Annual security audit file management.
$!
$! Note:
$! If you omit the file-spec parameter, the Audit Analysis utility
$! (ANALYZE /AUDIT) searches for the default audit log file
$! SECURITY.AUDIT$JOURNAL.
$!
$! The default audit log file is created in the SYS$COMMON:[SYSMGR]
$! directory. To use the file, specify SYS$MANAGER on the ANALYZE
$! /AUDIT command line. If you do not specify a directory, the
$! utility searches for the file in the current directory.
$!
$ year = f$cvtime( f$time(), , "year") ! This year.
$ pyear = year- 1 ! Previous year.
$!
$! Disable auditing.
$!
$ SET AUDIT /SERVER = EXIT
$!
$! Save previous year's audit journal data in SECURITY_pyear.AUDIT$JOURNAL.
$!
$ ANALYZE /AUDIT /BINARY /SINCE = 1-JAN-'pyear' /BEFORE = 1-JAN-'year' -
/OUTPUT = SYS$COMMON:[SYSMGR]SECURITY_'pyear'.AUDIT$JOURNAL -
SYS$MANAGER:SECURITY.AUDIT$JOURNAL
$!
$! Extract current year's SECURITY.AUDIT$JOURNAL data into new
$! SECURITY.AUDIT$JOURNAL.
$!
$ ANALYZE /AUDIT /BINARY /SINCE = 1-JAN-'year' -
/OUTPUT = SYS$COMMON:[SYSMGR]SECURITY.AUDIT$JOURNAL_new -
SYS$MANAGER:SECURITY.AUDIT$JOURNAL
$!
$ RENAME SYS$COMMON:[SYSMGR]SECURITY.AUDIT$JOURNAL_new -
SYS$COMMON:[SYSMGR]SECURITY.AUDIT$JOURNAL;
$!
$! Restart audit server.
$!
$ @ SYS$SYSTEM:STARTUP.COM AUDIT_SERVER
$!
$ write sys$output " Delete SYS$MANAGER:SECURITY.AUDIT$JOURNAL;-1 ?"
$ write sys$output " Compress SYS$MANAGER:SECURITY_''pyear'.AUDIT$JOURNAL ?"
$!