The Question is:
I need some help understanding security auditing. I see from a Show Audit that
alarms and audits are enabled for ACL. No other specifics/keywords are shown
for this line, unlike other entries.
What is that capturing for me, and how can I use Ana/Audit to display any
activity it caught?
Yes, I have read the DCL command references, and understand basically what ACLs
and ACEs are doing out there. What I don't understand is the object it
assumes it is working with or how to access those details of the journal.
The Answer is :
If you have the ACL events and audits enabled, then alarm and
audit ACEs found within an ACL will be processed.
Please review the OpenVMS system security manual for assistance
with this and related topics, as the security documentation has
extensive and detailed documentation specific to auditing and
alarms and ACL processing.