The audit switch, audit trail, audit file, and audit query are presented.
The key decision made in cbfunc() is whether we should write to the audit file.
Once the auditing period is over, the audit file can be converted from its native, raw format into a readable text file.
When the facility is started, generated audit records are written into a buffer area and then flushed to disk into an audit file.
For example, if the value is 'd', write the information to an audit file, recording that this row has been deleted, but do not delete the data from the warehouse.
It would be handy in our audit if we could introduce some way of including a machine's location in the XML file.
The text file produced by the extraction process is composed of several audit records, each separated by a blank line.
Audit records can be extracted from this file into a text file that can be analyzed further.
Listing 3 shows a snippet of audit records that were extracted using the FILE option.
BIN mode: Records the audit events to two alternating temporary BIN files, and then appends them to a single audit trail file.
Due to the large amount of data in the audit log table, a single INSERT statement will usually fail because the data per transaction exceeds the log file size of the database system.
This command also creates a new audit configuration file if the original one has been lost or damaged.
Once auditing is configured and audit records generated, they can be extracted into a text file, which can then be analyzed.
The stream mode is my personal choice, because it offers real-time viewing of audit events due to the audit log file being written to in text mode.
Unpack the zip file containing the Audit Extension application to a suitable temporary location. This contains two main folders.
This helps me to identify straight away, when viewing the audit log or the audit report, if there has been a read or write access on the file.
A typical audit log file on my system is shown in Listing 1; it shows the trail record, as well.
An example script for converting the audit information to a comma-separated values file format follows.
For audit to understand how to print each object as a record to the audit log, it needs a corresponding entry in the /etc/security/events file.
The full audit XML file, included earlier in this article, was generated in under 5 seconds.
You can also track more than one file using the same keyword by making individual entries for each file to be tracked in the /etc/security/audit/objects file, in the same format.
Pruning records from the audit log that you have already extracted into a text file also prevents you from extracting the same records a second time. To prune the db2audit.log.
Next he decided to do an audit of the applications and services running on each box, as well as establish what sort of file sharing architecture was in place.
The audit information can be stored locally on each system in a file designated by the system administrator, or can be sent to a remote system for centralized logging.
The callback function creates a unique file name to write the audit records stored in named memory.
Thus, if the filesystem that contains the audit log files fills up, it still continues to write events to the beginning of the log file.
The first argument represents the file name and the second argument, the audit record.
Listing 2 shows a script with events that could be ignored from the audit log stream.out file.
WebSphere MQ FTE is a new edition of WebSphere MQ that manages secure and reliable file transfers, and publishes messages that provide an audit log of the transfers.
Before extracting audit records from the db2audit.log file, flush any remaining audit records in the buffer out to disk by issuing the following command.