Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 9 Archiving the Audit Log Data : Archiving the Audit Log–Open Systems

Archiving the Audit Log–Open Systems
On an ongoing basis, the data in the audit log must be archived to an external file and deleted from the TIBCO Object Service Broker table. For security reasons, the only way to archive the data is to use either:
PURGELOG_SCREEN, which is an interactive tool
PURGELOG_BATCH, which is a batch tool
Conditions for Using the PURGELOG Tools
To run the PURGELOG tools, adequate security must be defined for TIBCO Object Service Broker to allow you to run the PURGELOG tools and/or specify the external file that is used to store the archive data. Refer to Task A, Enter the name of the file where the audit data is to be stored for information about the purge file.
You must edit your secparm file, which is in the same directory as the crparm file, to specify the list of user IDs that are allowed to run these routines.
Required Entries for secparm
The secparm file contains three required entries:
 
For users connecting to TIBCO Object Service Broker through an ostty session, specify the operating system user ID, not the TIBCO Object Service Broker user ID. It can be as long as 251 characters, but only the first 8 characters are used.
For a user connecting through theTIBCO Object Service Broker UI or the SDK (Java), specify “CLI”.
A logical value (Y/y or N/n) indicating whether the userid is allowed to specify the archive file for the audit log
A logical value (Y/y or N/n) indicating whether the userid is allowed to purge the audit log
m
If userid is “3270” or “CLI”, any user of the specified session type can archive the audit log.
Additional Content
Additional content must be as follows:
Sample secparm File

 
# The following users are security administrators
 
# Format of the specifications are:
#
# <userid> <specfile (Y/N)> <purgelog (Y/N>
#
#USERA is allowed to specify the archive file but not allowed to purge the log
USERA Y N
#USERB is not allowed to specify the archive file but is allowed purge the log
USERB N Y
#USERXYZ is allowed to both specify the archive log and purge the log
USERXYZ Y Y
#The following specification is incomplete and is ignored
USERTEST Y

 
See Also
TIBCO Object Service Broker for z/OS Installing and Operating or TIBCO Object Service Broker for Open Systems Installing and Operating for details about the crparm file.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved