PreviousNext

Committing an Audit Record

After the header and the optional tail information has been included in the audit record, the dce_aud_commit( ) function call is used to write the audit record in the audit trail file. This function uses the audit trail file previously opened by the dce_aud_open( ) function.

You can specify one of two options in the way the function writes the audit record in the audit trail file:

· Return an error status if the storage or logging service is not available when an attempt is made to write the audit record. This option can be used if the application program can handle write failures in the stable storage.

· If the storage or logging service is not available, keep on trying until the function is able to write to it. This option can be used if the audit record must be written to stable storage before the routine can proceed safely to another task.

In the bank server example, the function call can be made as follows:

dce_aud_commit(audit_trail, ard, options, format, outcome, &status);

The audit_trail parameter is the trail descriptor returned in the dce_aud_open( ) call made earlier. The ard parameter is the audit record descriptor returned in the dce_aud_start( ) call (and used in the dce_aud_put_ev_info( ) function call). The format parameter specifies a format version number of the event-specific information. The initial version number should be zero, and be incremented when the format changes. For example, the data type used for account numbers might change from 32-bit integer to UUID. The event outcome must be provided in this call, even if it has been provided in the dce_aud_start( ) call made earlier. If the event outcome (except aud_c_esl_cond_unknown) is provided in both calls, the values must be the same.