To open the audit trail file, the main routine of the application server uses the dce_aud_open( ) function. With this function call, the audit trail file can be
· opened for reading or for writing.
· directed to the default audit trail file or to a specific file. If dce_aud_open( ) is called without specifying an audit trail file, (by having NULL as the value of the description parameter), a default audit trail file is used. This is the central trail file that is accessed by RPC calls to the audit daemon.
If an audit trail file is specified in the dce_aud_open( ) call, (through the description parameter), that file is opened directly by the audit library, bypassing RPCs and the audit daemon.
In the bank server application, the function call is as follows:
dce_aud_open(aud_c_trl_open_write, &audit_file,
evt_vn_bank_server_acct_open,
5, &audit_trail, &status);
In this call, the audit trail file audit_file is opened for writing. The third parameter (evt_vn_bank_server_acct_open) specifies the lowest event number used in the bank server application. The fourth parameter (5) specifies the number of events defined.
The call returns an audit-trail descriptor (audit_trail) that will be used to append audit records to the audit trail file.