Previous | Contents | Index |
ACMSGEN commands allow you to change ACMS system parameters to define lower limits, quotas, process names, user names, proxy accounts, and priorities for components of ACMS. Table 11-4 lists the ACMSGEN commands and qualifiers and provides a brief description of each ACMSGEN command. For detailed information about ACMSGEN commands and qualifiers, see Chapter 22.
Commands and Qualifiers | Description |
---|---|
EXIT | Ends the ACMSGEN session and returns you to the DCL prompt. |
HELP | Displays help information about ACMSGEN commands, parameters, and qualifiers. |
SET | Places a new parameter value in the ACMSGEN work area. |
SHOW
/ACC /ALL /CP /EXC /MSS /QTI /TSC |
Displays the value in the work area, the default value, the minimum value, the maximum value, the unit of measure, and the dynamic/fixed status for ACMS system parameters. |
USE | Initializes the ACMSGEN work area with values from a work file. |
USE ACTIVE | Initializes the ACMSGEN work area with active values for all parameters from an ACMS system global section. |
USE CURRENT | Initializes the ACMSGEN work area with current values for all parameters from the SYS$SYSTEM:ACMSPAR.ACM parameter file. |
USE DEFAULT | Initializes the ACMSGEN work area with ACMS default values for all ACMS parameters. |
WRITE | Writes values from the ACMSGEN work area to a work file, creating a new version of the file. |
WRITE ACTIVE | Changes active values for dynamic parameters by writing values from the ACMSGEN work area to an ACMS system global section. |
WRITE CURRENT | Changes current values by writing values from the ACMSGEN work area to the SYS$SYSTEM:ACMSPAR.ACMS file. |
This chapter explains how to use the Audit Trail Logger (ATL) and the
Audit Trail Report (ATR) Utility to monitor the use and misuse of your
application. See Section 12.9 for a summary of ATR commands and
qualifiers. For reference information on the commands described in this
chapter, refer to Chapter 23.
12.1 Understanding the Audit Trail Logger
The Audit Trail Logger records application and user activity in the audit trail log. The Audit Trail Logger records:
The Audit Trail Logger is automatically started with the ACMS system. Disable the Audit Trail Logger by using the /NOAUDIT qualifier either on the ACMS/START SYSTEM command or the ACMS/SET SYSTEM command. When the Audit Trail Logger is disabled, it only records file opens and closes. Use the /AUDIT qualifier with either of these commands to reenable auditing.
Use the ATR Utility to display audit trail records or write them to an
output file.
12.2 Using the Audit Trail Log File
Each time the ACMS system starts, it creates a new version of the audit trail log file. ACMS writes Audit Trail Logger information to the file SYS$ERRORLOG:ACMSAUDIT.LOG by default. The default protection for the audit trail log file is (S:RD,O:RWED,G:R). The Audit Trail Logger must have write access to the audit trail log file for you to start your ACMS system.
The Audit Trail Logger attempts to translate the following logical names, which you can define, and uses the values of the logical names for file allocation when ACMS creates the audit trail log file:
See the OpenVMS Record Management Services Reference Manual for additional information about these fields.
To write audit trail information to a different file on a disk or on a magnetic tape volume set, define the system logical name ACMS$AUDIT_LOG to point to that file. If you omit any parts of the file specification in defining the logical name, missing parts are supplied from SYS$ERRORLOG:ACMSAUDIT.LOG. For example, the following command defines the audit trail log file as ACMSAUDIT.LOG in the directory [ACMS.AUDIT] on SYS$DISK. The file name and file type are supplied by default.
$ DEFINE/SYSTEM ACMS$AUDIT_LOG SYS$DISK:[ACMS.AUDIT] |
Note the logical must be a system logical so that the Audit Trail Logger has access to it.
If you write audit trail information to a file on disk, take the steps needed to process audit trail log files as ACMS creates them. For example, you can purge audit trail log files or store them on a separate volume.
If the Audit Trail Logger runs out of space for audit trail information on disk, the audit trail logs the error in the software event log (generated by SWL), and the Audit Trail Logger process stops. ACMS sends a message to ACMS operator terminals. Restart the Audit Trail Logger process with the ACMS/SET SYSTEM /AUDIT command or the ACMS/RESET AUDIT command.
If you write audit trail information to a magnetic tape volume set, define the logical name ACMS$AUDIT_LOG to point to a file specification of the form:
MTxn:name.ext |
The components of this file specification are:
The following command defines ACMS$AUDIT_LOG to point to ACMSAUDIT.LOG on the magnetic tape mounted on the MTA0 device:
$ DEFINE /SYSTEM ACMS$AUDIT_LOG MTA0: |
The default file name and file type are taken from the file specification SYS$ERRORLOG:ACMSAUDIT.LOG.
If you write audit trail information to magnetic tape, load and initialize the magnetic tape before you start the ACMS system. If you do not, the ACMS/START SYSTEM command can time out before the initialization is complete. Initialize the magnetic tape with a volume name the same as the first six characters of the file name for the audit trail log file. For example:
$ INIT MTA0: ACMSAU |
If the file name is longer than six characters, the Audit Trail Logger truncates the volume name to six characters. Do not use the MOUNT command after initializing the tape. ACMS logically mounts the magnetic tape when it starts the Audit Trail Logger. If the tape is already mounted, ACMS returns a fatal error on the ACMS/START SYSTEM command.
If the Audit Trail Logger is logging information to magnetic tape, and the end of volume is encountered, OpenVMS sends a message to OpenVMS operator terminals asking the operator to mount the next volume in the volume set. The operator loads the tape on the drive, initializes and mounts the volume, and responds to the operator request with a DCL REPLY command. The Audit Trail Logger then logs information to the new volume.
If the audit trail log file is being written to magnetic tape that runs out of space, ACMS may interrupt its work until a new tape is ready. OpenVMS operator terminals are informed that a new tape must be mounted. Eventually, terminal users do not get any system response. To avoid this problem, store your audit information on large magnetic tapes. Inspect the tape regularly to make sure that it is not full. |
For information about magnetic tapes, see OpenVMS System Manager's Manual: Essentials. For
information about the REPLY command, see the OpenVMS DCL Dictionary.
12.3 Events Recorded by the Audit Trail Logger
The Audit Trail Logger logs the following types of events:
Table 12-1 shows the events logged by the Audit Trail Logger, an explanation of recorded events, and the conditions under which events are recorded.
Events Recorded | Explanation | When Recorded |
---|---|---|
Abnormal terminations of applications | Stopping of applications for any reason other than ACMS/STOP SYSTEM or ACMS/STOP APPLICATION commands | Always |
Abnormal terminations of server processes | Stopping of server processes due to error | Always |
ACMS errors | ACMS system internal errors | Always |
Application starts and stops | Each use of ACMS/START APPLICATION and ACMS/STOP APPLICATION commands | Always |
Application modifications | Each use of the ACMS/MODIFY APPLICATION command | Application auditing enabled |
Open new audit trail log file | Each use of an ACMS/RESET AUDIT command | Always |
Enabling and disabling of the Audit Trail Logger | Each use of the ACMS/SET SYSTEM, ACMS/START SYSTEM, or ACMS/STOP SYSTEM command to enable or disable the Audit Trail Logger | Always |
Enabling and disabling of ACMS operator terminals | Each use of the ACMS/SET SYSTEM command to enable or disable ACMS operator terminal | Always |
Error allocating ACMS-controlled terminals | Why an ACMS-controlled terminal was unable to be allocated by the ACMS terminal subsystem controller | Always |
Errors returned or signaled by cancel handling procedures | Each error encountered by user-written cancel handlers | Always |
Errors returned or signaled on initialization and termination procedures | Each error encountered by user-written initialization and termination procedures | Always |
Errors signaled by processing steps | Each error signaled during a processing step | Always |
Failure to start a server process | Why a server process failed to start | Always |
Sign-ins and sign-outs | Who signed in to or out of ACMS and at what time | Always |
Queue starts and stops | Each use of the ACMS/START QUEUE, or ACMS/STOP QUEUE commands | Always |
Queue modifications | Each use of the ACMS/SET QUEUE command | Always |
Queued task failures | Each error that caused the task invocation to fail | Always |
Server replacement | Each use of the ACMS/REPLACE SERVER command | Always |
System starts and stops | Each use of ACMS/START SYSTEM or ACMS/STOP SYSTEM command | Always |
Task calls | Tasks called by other tasks | Task subclause |
Task chains | Tasks chained to from another task | Task auditing enabled |
Task cancellations | Tasks canceled by any method | Task auditing enabled |
Composed task transaction aborts | When a composed task transaction was aborted | Always |
Task completions | Completed tasks, who completed each task, and when | Always |
Task selections | Each task selected by a user | Task auditing enabled |
User errors not elsewhere reported | User errors, including errors ACMS cannot report back to the user | Always |
Submitter authentications in remote applications | As a security measure, when a submitter first selects a task in a remote application, the submitter is authenticated by the application execution controller (ACC) on the submitter node | Always |
Use ATR commands to read the events recorded in the audit trail log
file or to produce a report that lists the events. The following
sections describe how to run the ATR Utility and use ATR commands.
12.4 Running the ATR Utility
Use either of the following commands to run ATR:
$ RUN SYS$SYSTEM:ACMSATR ATR> |
or
$ MCR ACMSATR ATR> |
You can also enter ATR Utility commands from DCL level by defining ATR as a DCL foreign command. For example:
$ ATR:==$SYS$SYSTEM:ACMSATR |
Place this command in your login command file to permanently define this foreign command. Once you define ATR as a DCL foreign command, you can use ATR commands from DCL. For example:
$ ATR LIST /APPLICATION=EXEX_APPL /BEFORE=14-JAN-1991 |
When you see the ATR> prompt, enter ATR commands. Use the LIST command to display or list audit trail records. Use the HELP command to get information about ATR commands. For example:
ATR> HELP LIST |
Instead of typing ATR commands, you can use keypad keys to enter commands. Press [PF1] and [PF2] for access to the ATR keypad. Press [Ctrl/B] to recall the last 20 ATR commands you enter (one at a time).
When you are finished using the ATR Utility, type EXIT or press [Ctrl/Z] to return to DCL:
ATR> EXIT $ |
In DCL, get help information about the ATR Utility by using the following HELP command:
$ HELP @ACMSATR |
The ATR Utility LIST command generates an ACMS log report consisting of
records from the Audit Trail Logger. Include a file specification with
the LIST command to identify a concatenated file containing several
audit trail log files, or omit the file specification altogether. If
you omit the file specification, ATR searches for a translation for the
logical ACMS$AUDIT_LOG. If ACMS$AUDIT_LOG is not defined, ATR uses the
default file specification, SYS$ERRORLOG:ACMSAUDIT.LOG.
12.5.1 Creating Full Log Reports
The LIST command with the /OUTPUT qualifier writes full Audit Trail Logger reports to a listing file. If you do not use the /OUTPUT qualifier, the ATR Utility displays information on the terminal.
Example 12-1 provides an sample log report containing a full version of each record in the audit trail log file. Instead of displaying the entire log file on your terminal as shown here, use the /OUTPUT qualifier to send the output to a listing file.
Example 12-1 ATR LIST Command |
---|
ATR> LIST (1) ACMS Log Report 5-JAN-1991 (2)10:08:08.83 Type : ALL Since : * Before : * Appl : * Task : * (3) ID : * User : * Sub : * Term : * (4) File : SYS$SYSROOT:[SYSERR]ACMSAUDIT.LOG;3 ************************************************************ (5) Type : TASK (6) Time : 1-JAN-1991 12:16:55.00 (7) Appl : TEST (8) Task : TSK1M2 (9) User : LTUSER2 (10) ID : CARAT::00010036-00000001-47E6F8C0-008DDDDE (11) Sub : CARAT::00010036-00000000-47E6F8C0-008DDDDE (12) Text : Task started ************************************************************) Type : TASK Time : 1-JAN-1991 12:17:19.06 Appl : TEST Task : TSK1M2 User : LTUSER2 ID : CARAT::00010036-00000001-47E6F8C0-008DDDDE Sub : CARAT::00010036-00000000-47E6F8C0-008DDDDE Text : Task end Task completion status: Task completed normally ************************************************************ (13) End Report 1-JAN-1991 13:09:01.41 |
The following is a description of the numbered items in Example 12-1.
The /BRIEF qualifier limits how much information is included in the report. Each record in a brief report contains the time of the entry in the Audit Trail Logger and the type of information in the entry. For information about record types, see the description of the /TYPE qualifier. The default is to include full records in the report. Example 12-2 provides an example of an ACMS log report containing a brief version of each record in the Audit Trail Logger.
Example 12-2 ATR LIST/BRIEF Command |
---|
ATR> LIST/BRIEF (1) ACMS Log Report 5-JAN-1991 (2) 10:01:02.74 Type : ALL Since : * Before : * Appl : * Task : * (3) ID : * User : * Sub : * Term : * (4) File : SYS$ERRORLOG:RWGAUDIT.LOG;3 ************************************************************ Type : OTHER Time : 1-JAN-1991 11:57:35.03 Type : COMMAND Time : 1-JAN-1991 11:57:42.97 Type : COMMAND Time : 1-JAN-1991 11:59:05.42 Type : LOGIN Time : 1-JAN-1991 11:59:34.61 Type : LOGIN Time : 1-JAN-1991 11:59:35.63 Type : LOGIN Time : 1-JAN-1991 11:59:42.04 Type : LOGIN Time : 1-JAN-1991 11:59:43.05 Type : TASK Time : 1-JAN-1991 12:00:55.00 Type : TASK Time : 1-JAN-1991 12:00:55.92 (5) Type : TASK Time : 1-JAN-1991 12:01:06.52 Type : TASK Time : 1-JAN-1991 12:01:09.39 Type : LOGIN Time : 1-JAN-1991 12:02:15.76 Type : TASK Time : 1-JAN-1991 12:02:16.53 Type : TASK Time : 1-JAN-1991 12:02:18.22 Type : LOGIN Time : 1-JAN-1991 12:02:19.82 Type : TASK Time : 1-JAN-1991 12:02:19.87 Type : LOGIN Time : 1-JAN-1991 12:02:19.98 Type : TASK Time : 1-JAN-1991 12:02:20.81 Type : TASK Time : 1-JAN-1991 12:02:22.15 (6) End Report 5-JAN-1991 10:01:58.42 |
A brief log report consists of a header and one or more records. The following is a description of the numbered items in Example 12-2.
Previous | Next | Contents | Index |