Copyright Digital Equipment Corp. All rights reserved.

Examples

   1.$ SET AUDIT/AUDIT/ENABLE= -
     _$ (CREATE,ACCESS=(SYSPRV,BYPASS),DEACCESS)/CLASS=FILE
     $ SHOW AUDIT/AUDIT
     System security audits currently enabled for:

        .
        .
        .
       FILE access:
         Failure:     read,write,execute,delete,control
         SYSPRV:      read,write,execute,delete,control
         BYPASS:      read,write,execute,delete,control
         Other:       create,deaccess


     The SET AUDIT command in this example enables auditing of file
     creation and file deaccess; it also enables auditing for any
     file access done by using either SYSPRV or BYPASS privilege.

   2.$ SET AUDIT/JOURNAL=SECURITY/DESTINATION=AUDIT$:[AUDIT]TURIN
     $ SET AUDIT/SERVER=NEW
     $ SHOW AUDIT/JOURNAL
     List of audit journals:
       Journal name:           SECURITY
       Journal owner:          (system audit journal)
       Destination:            AUDIT$:[AUDIT]TURIN.AUDIT$JOURNAL

     The SET AUDIT command in this example demonstrates how to
     switch to a new journal.

   3.$ SET AUDIT/SERVER=FINAL=CRASH
     $ SHOW AUDIT/SERVER
     Security auditing server characteristics:
       Database version:       4.4
       Backlog (total):        100, 200, 300
       Backlog (process):      5, 2
       Server processing intervals:
         Archive flush:        0 00:01:00.00
         Journal flush:        0 00:05:00.00
         Resource scan:        0 00:05:00.00
       Final resource action:  crash system

     The SET AUDIT command in this example changes the audit
     server's final action setting so the system crashes when the
     audit server runs out of memory.

   4.$ SET AUDIT/ARCHIVE/DESTINATION=SYS$SPECIFIC:[SYSMGR]TURIN-ARCHIVE
     $ SHOW AUDIT/ARCHIVE
     Security archiving information:

     Archiving events:    system audits
     Archive destination: SYS$SPECIFIC:[SYSMGR]TURIN-ARCHIVE.AUDIT$JOURNAL

     The SET AUDIT command in this example enables a node-specific
     archive file.

   5.$ SET AUDIT/JOURNAL/RESOURCE=ENABLE
     $ SHOW AUDIT/JOURNAL
     List of audit journals:
       Journal name:          SECURITY
       Journal owner:         (system audit journal)
       Destination:           SYS$COMMON:[SYSMGR]SECURITY.AUDIT$JOURNAL
       Monitoring:            enabled
         Warning thresholds,  Block count:   100   Duration:  2 00:00:00.0
         Action thresholds,   Block count:    25   Duration:  0 00:30:00.0

     The SET AUDIT command in this example enables disk monitoring
     and switches the mode so the disk space is monitored in terms
     of time rather than free blocks.