audtrail - A dcecp object that converts the audit trail into a human readable format
audtrail help [operation | -verbose] audtrail operations audtrail show audit_trail_file_name_list [-to filename]
The audtrail object represents an audit trail file. This object currently supports only one operation which converts the audit trial into a human readable format.
Returns help information about the audtrail object and its operations. The syntax is:
audtrail help [operation | -verbose]
Option
Used without an argument or option, the audtrail help command returns brief information about each audtrail operation. The optional operation argument is the name of an operation (help, operations, or show) about which you want detailed information. Alternatively, you can use the -verbose option for more detailed information about the audtrail object itself.
Privilege Required
No special privileges are needed to use the audtrail help command.
Examples
dcecp> audtrail help show Returns or files the contents of an audit trail file. help Print summary of command-line options and abort. operations Returns valid operations for command. dcecp>
Returns a list of the operations supported by the audtrail object. The syntax is:
audtrail operations
The audtrail operations operation takes no arguments, and returns a list of the available operations for the audtrail object. The order of the elements is alphabetical with the exception that help and operations are listed last.
Privilege Required
No special privileges are needed to use the audtrail operations command.
Examples
dcecp> audtrail operations show help operations dcecp>
Returns the audit trail in a human readable format. The syntax is:
audtrail show audit_trail_file_name_list [-to filename]
The audtrail show operation returns the audit trail in a human readable format. This command takes as an argument a list of names of audit trial files. If more than one name is given then the output of each audit trail is concatenated together with a blank line between audit trails. The -to option specifies a destination filename for the trail. If this option is not present, the trail is returned from the command. If the option is present, the command returns an empty string.
Note that because audit trail files may grow quite large, using the -to switch is strongly recommended in order to avoid reading the entire trail into memory.
Privilege Required
You must have read (r) permission on the audit trail file on the local filesystem.
Examples
The following command shows the contents of the audit trail file my_trail:
dcecp> audtrail show my_trail --- Start of an event record --- Event Number: Client: /.../stp.gburg.ibm.com/hosts/drinkernisti/self Event Outcome: success Authorization Status: Authorized with a pac Local Time: 1993-12-19-19:02:27.037-05:00I----- --- End of an event record --- --- Start of an event record --- Event Number: Client: /.../stp.gburg.ibm.com/hosts/drinkernisti/self Event Outcome: success Authorization Status: Authorized with a pac Local Time: 1993-12-19-19:02:28.819-05:00I----- --- End of an event record --- dcecp>