To record audit events in an audit trail file, the DCE audit API functions must be called in the distributed application to perform the following:
1. Open the audit trail file during the startup of the application.
2. Initialize the audit records at each code point.
3. Add event information to the audit records at each code point. (This is optional.)
4. Commit the audit records at each code point.
5. Close the audit trail file when the application shuts down.
Note that steps 2, 3, and 4 are repeated in sequence at each code point in the distributed application.
The use of the audit API functions in each of these steps is illustrated with the bank server example introduced in Administration and Programming in DCE Audit .
Five code points are identified in the bank server program: acct_open( ), acct_close( ), acct_withdraw( ), acct_deposit( ), and acct_transfer( ). Each code point has been assigned an event number and defined in the application server's header file as follows:
#define evt_vn_bank_server_acct_open 0x01000000
#define evt_vn_bank_server_acct_close 0x01000001
#define evt_vn_bank_server_acct_withdraw 0x01000002
#define evt_vn_bank_server_acct_deposit 0x01000003
#define evt_vn_bank_server_acct_transfer 0x01000004
More:
Initializing the Audit Records
Adding Event-Specific Information