Audit log data formats, Audit log data formats -41 – HP XP Racks User Manual

For example, to change the output destination of audit log data to /usr/
local/audlog, specify the following two settings:

•

Specify the following setting in the /etc/syslog.conf file:

local0.info /usr/local/audlog

•

Use the HDLM command's set operation to specify local0 for the audit

log facility:

You can also filter the audit log output by specifying a severity level and type

for the HDLM command's set operation.

Filtering by severity:

The following table lists the severity levels that can be specified.

Table 2-11 Severity Levels That Can Be Specified

Severity

Audit log data to output

Correspondence with syslog

severity levels

0 None

Emergency

1

Alert

2 Critical

Critical

3 Critical and Error

Error

4 Critical, Error, and Warning

Warning

5

Notice

6 Critical, Error, Warning, and Informational

Informational

7

Debug

Filtering by category:

The following categories can be specified:

¢

StartStop

¢

Authentication

¢

ConfigurationAccess

¢

All of the above

For details on how to specify audit log settings, see

Setting Up the HDLM

Functions on page 3-78

.

Audit Log Data Formats

The following describes the format of audit log data:

Format of audit log data output to syslog:

¢

priority

¢

date-and-time

¢

host-name

HDLM Functions

2-41

Hitachi Dynamic Link Manager (for AIX) User Guide