|
  
SAFESFS SFS Request Audit Record Format
For SFS object authorization request calls:
----0----1----1----2----2----3----3----4----4
....5....0....5....0....5....0....5....0....5
ABBCDEMMDDYYHHMMSSReqid...ReqGrp..AltId...Object ...
Field
|
Type/Length
|
Description
|
A
|
CL1
|
First byte of SFS processing code. {B,C}
|
B
|
CL2
|
SFS File pool request code. See SFS Administration manual for a list of SFS request codes and their meanings.
|
C
|
CL1
|
Object type {F,A,D,E,U}
|
D
|
CL1
|
Action requested {R,W,B,M,A,D,U,C,E,X,S}
|
E
|
CL1
|
RC from evaluation {R,W,E,B,C,D,N}
|
MMDDYY
|
CL6
|
Date
|
HHMMSS
|
CL6
|
Time
|
ReqId
|
CL8
|
Requesting userid.
|
ReqGrp
|
CL8
|
Requesting userid's ACIGROUP.
|
AltId
|
CL8
|
Alternate id passed by SFS.
|
Object
|
CL160
|
Object affected.
|
The following table describes the meaning of each of the character values.
Field
|
Value
|
Meaning
|
A
|
C
|
An SFS User Administration command.
|
|
|
B
|
An SFS Object Authorization.
|
C
|
F
|
A CMS File
|
|
|
A
|
A CMS Alias
|
|
|
D
|
A CMS Directory
|
|
|
E
|
A CMS External Object
|
|
|
C
|
An SFS User Administration command.
|
|
|
U
|
Object Type not applicable.
|
D
|
R
|
Read was requested
|
|
|
W
|
Write was requested
|
|
|
B
|
Read/Write was requested
|
|
|
M
|
Manage was requested (likely, a User Administration command)
|
|
|
A
|
SafeSFS server requested to add a rule.
|
|
|
D
|
SafeSFS server requested to delete a rule.
|
|
|
U
|
Action requested not applicable.
|
|
|
C
|
Create was requested.
|
|
|
E
|
Read/Write/Create was requested.
|
|
|
X
|
Audit Close command.
|
|
|
S
|
System events (Init, Shutdown, etc.)
|
|
|
L
|
SafeSFS Control command.
|
E
|
R
|
Read authorization was accepted.
|
|
|
W
|
Write authorization was accepted.
|
|
|
E
|
Read, Write and Create were accepted.
|
|
|
B
|
Read and Write were accepted.
|
|
|
C
|
Create was accepted.
|
|
|
N
|
Not authorized
|
|
|
D
|
Request was deferred to SFS.
|
For SFS command authorization request calls:
0 1 1 2 2 3 3 4 4
....5....0....5....0....5....0....5....0....5
ABBCDEMMDDYYHHMMSSReqid...ReqGrp..AltId...Command ...
Field
|
Type/Length
|
Description
|
A
|
CL1
|
First byte of SFS processing code. {A,B}
|
B
|
CL2
|
SFS File pool request code. See SFS Administration manual for a list of SFS request codes and their meanings.
|
C
|
CL1
|
Object type {F,A,D,E,U}
|
D
|
CL1
|
Action requested {R,W,B,L,M,A,D,U,C,E,X,S}
|
E
|
CL1
|
RC from evaluation {A,X,Y}
|
MMDDYY
|
CL6
|
Date
|
HHMMSS
|
CL6
|
Time
|
ReqId
|
CL8
|
Requesting userid.
|
ReqGrp
|
CL8
|
Requesting userid's ACIGROUP.
|
AltId
|
CL8
|
Alternate id passed by SFS.
|
Command
|
CL20
|
Object affected.
|
Userid List
|
CL64
|
Userids that were the target of the command. Multiple audit records will be written to accommodate more than 8 users.
|
The following table describes the meaning of each of the character values.
Field
|
Value
|
Meaning
|
A
|
C
|
A SFS User Administration command.
|
|
|
B
|
A SFS Object Authorization. (See SFS Object Audit Table)
|
C
|
F
|
A CMS File
|
|
|
A
|
A CMS Alias
|
|
|
D
|
A CMS Directory
|
|
|
E
|
A CMS External Object
|
|
|
U
|
Object Type not applicable.
|
D
|
R
|
Read was requested
|
|
|
W
|
Write was requested
|
|
|
B
|
Read/Write was requested
|
|
|
M
|
Manage was requested (likely, a User Administration command)
|
|
|
A
|
SafeSFS server requested to add a rule.
|
|
|
D
|
SafeSFS server requested to delete a rule.
|
|
|
U
|
Action requested not applicable.
|
|
|
C
|
Create was requested.
|
|
|
E
|
Read/Write/Create was requested.
|
|
|
X
|
Audit Close command.
|
|
|
S
|
System events (Init, Shutdown, etc.)
|
|
|
L
|
SafeSFS Control command.
|
E
|
A
|
Command accepted.
|
|
|
X
|
Command rejected.
|
|
|
Y
|
Command deferred to SFS.
|
|
