I am not sure what you mean by "Users need to be able to call UAF services."
If you don't want to use the AUDIT facility, and you are only interested in successful logins, then what you propose, "Ideally we want to run a suitable executable from sys$sylogin and append data to one file." will certainly work.
Is your question about what services this executable needs to call the get this information?. Every item you are asking about is in your revised requirements "16-Sep-2007 10:00,nodename,userid,uaf account field, IP address." are available via $getjpi, and do not require any privileges to get. The UAF Owner field (if you are meaning the 31 character field modified by UAF MOD /OWNER="Thomas Ritter") is available via $GETUAI, no privilege needed for a process to get this for its own username.
Specifically $GETJPI items "LOGINTIM","NODENAME","USERNAME","ACCOUNT","TT_ACCPORNAM"
The TT_ACCPORNAM may need some parsing, if all you want it the numeric IP address.
To see what is available with $GETJPI using DCL
Example sys$scratch:userlogin.com
$ logintim = f$extract(0,17,f$getjpi("","LOGINTIM"))
$ nodename = f$edit(f$getjpi("","NODENAME"),"TRIM")
$ username = f$edit(f$getjpi("","USERNAME"),"TRIM")
$ account = f$edit(f$getjpi("","ACCOUNT"),"TRIM")
$ tt_accpornam = f$edit(f$getjpi("","TT_ACCPORNAM"),"TRIM")
$ write sys$output "''logintim',''nodename',''username',''account',''tt_accpornam'"
$ @scr:userlogin
12-APR-2007 05:08,SIGMA,JON,TESTIT,Host: 192.168.172.58 Port: 1235
$
As John Gillings has mentioned, you probably don't want the "single output file" to be accessed without privilege, so you will need to compile this program and link/notraceback, then do one of two things:
1. Install the program with SYSPRV privilege so it can write to the file.
or 2. Create subsystem identifier (uaf add/id/attr=subsystem), then add a subsystem ace to the executatbles ACL, with the subsystem identifier, and protect the "output file" with the subsystem identifier.
Option 2 is considered to be a lower risk than option 1, because the harm that can be done due to holding the identifier is smaller than the harm that can be done with SYSPRV.
RE: worries about concurrency, etc. I don't think you will have any problems, just make user you open the file for shared write access. I am quite certain this is even supported for sequential files although you may want to consider using an indexed file to make looking up specific users easier. And you probably want to append the time to the username (or whatever you use as your keys) so you don't have long chains of duplicate key values. The primary point here it that you first want to see if it is really a problem before you put a lot of resources into optimizing it. John has addressed so things you can do to improve the efficiency as well.
Since you seem resistant to using the auditing facility, can you tell us why? There are certainly advantages to using it, and if you are doing this to satisfy some SOX requirement, then you will more than likely be using it already. And there are already tools to summarize data, etc.
I can understand why the ACCOUNTING file does not fulfill your requirements, since it does not have the ip address, and unless you are using image accounting, does not provide the info until the process logs out. It is also node specific. The Audit journal file does not have these problems.
it depends
