HPE Community
Operating System - OpenVMS
1753486 Members
4154 Online
108794 Solutions
New Discussion юеВ

Re: VMS Workstation Security Monitoring

 
Joseph Huber_1
Honored Contributor

тАО09-28-2005 07:59 PM

тАО09-28-2005 07:59 PM

Re: VMS Workstation Security Monitoring

To "route to a bigger machine", You mean just have the audit event sent, not written to a journal on that machine ? I doubt it is possible, except the documented /listener mailbox.

The operator messages are independent of audit journal or archive, they always are sent clusterwise from opcom.
Just don't have an operator log file started on all other nodes (the default anyway on workstations), and no OPCOM enabled terminals except the one wanted.

Setting the audit journal destination to a decnet address: I doubt it is possible, but hey : why don't You just test it and report what happens ?
http://www.mpp.mpg.de/~huber
0 Kudos
Reply
Ian Miller.
Honored Contributor

тАО09-28-2005 09:00 PM

тАО09-28-2005 09:00 PM

Re: VMS Workstation Security Monitoring

If you want the audit information to go to another file in addition the audit log the look at HELP SET AUDIT/ARCHIVE
____________________
Purely Personal Opinion
0 Kudos
Reply
Willem Grooters
Honored Contributor

тАО09-29-2005 12:53 AM

тАО09-29-2005 12:53 AM

Re: VMS Workstation Security Monitoring

Indeed, all OPCOM will be sent, but enable just ONE OPER termnal for class SECURITY. No experience, just deducting: it will show security-related messages. /ARCHIVE could filter. Someting I CAN test (and will report upon).



I would if I had two (non-clustered) systems communicating via DECNet (I have plans to create such a network but time is limited)

Willem
Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.