HP OpenVMS Systems

ask the wizard
Content starts here

Seeking Detailed Authorize Auditing Info?

» close window

The Question is:

Trying to find the authorization file modify information from audit log on user
  $ analyze /audit sys$manager: /event=sysuaf
which seems to give me what XX did update (i.e. "What did XX do"). So far, so
But what is the proper syntax to find out what events did update user XX in the
 authorization file (i.e. "Who did that to XX")?

The Answer is :

  The following appears to be the most direct approach, assuming that
  you do not directly reduce the data in the auditing logs yourself:

answer written or last revised on ( 1-JUL-2003 )

» close window