Displays the set of security auditing characteristics established
by the RMU Set command with Audit qualifier.
1 – Description
The RMU Show Audit command is the Oracle Rdb equivalent to the
DCL SHOW AUDIT command. Because Oracle Rdb security auditing uses
many OpenVMS system-level auditing mechanisms, certain auditing
characteristics such as /FAILURE_MODE can only be displayed
using the OpenVMS SHOW AUDIT command, which requires the OpenVMS
SECURITY privilege.
2 – Format
(B)0[mRMU/Show Audit root-file-spec
[4mCommand[m [4mQualifiers[m x [4mDefaults[m
x
/All x See description
/Daccess[=object-type[,...]] x See description
/Every x See description
/Flush x See description
/Identifiers x See description
/Output[=file-name] x /Output=SYS$OUTPUT
/Protection x See description
/Rmu x See description
/Type={Alarm|Audit} x Alarm and Audit
3 – Parameters
3.1 – root-file-spec
The root file specification of the database for which you want
auditing information to be displayed.
4 – Command Qualifiers
4.1 – All
All
Displays all available auditing information for the database,
including the following: whether security auditing and security
alarms are started or stopped; types of security events currently
enabled for alarms and audits; identifiers currently enabled
for auditing; and whether forced write operations are enabled or
disabled.
4.2 – Daccess
Daccess[=object-type[, . . . ]]
Indicates whether the general DACCESS audit event class is
currently enabled. Specifying one or more object types with the
Daccess qualifier displays the object types and their associated
privileges that are currently enabled for DACCESS event auditing.
If you specify more than one object type, enclose the list of
object types within parentheses.
The valid object types are:
DATABASE
TABLE
COLUMN
4.3 – Every
Every
Displays the current setting for the first or every DACCESS event
auditing for the database.
4.4 – Flush
Flush
Displays the current setting for forced write operations on audit
journal records for the database.
4.5 – Identifiers
Identifiers
Displays the user identification codes (UICs) of the users
currently enabled for DACCESS event auditing of specified
objects.
4.6 – Output
Output[=file-name]
Controls where the output of the command is sent. If you do not
enter the Output qualifier, or if you enter the Output qualifier
without a file specification, the output is sent to the current
process default output stream or device.
4.7 – Protection
Protection
Displays whether auditing is currently enabled for the PROTECTION
audit event class.
4.8 – Rmu
Rmu
Displays whether auditing is currently enabled for the RMU event
class.
4.9 – Type
Type=Alarm
Type=Audit
Displays information about security alarms or security auditing.
If you do not specify the Type qualifier, Oracle RMU displays
information about both security alarms and security auditing.
5 – Usage Notes
o To use the RMU Show Audit command for a database, you must
have the RMU$SECURITY privilege in the root file ACL for the
database or the OpenVMS SECURITY or BYPASS privilege.
o If you do not specify any qualifiers with the RMU Show Audit
command, the currently enabled alarm and audit security events
are displayed.
o Use the RMU Show Audit command to check which auditing
features are enabled whenever you plan to enable or disable
audit characteristics with a subsequent RMU Set Audit command.
o When the RMU Show Audit command is issued for a closed
database, the command executes without other users being able
to attach to the database.
6 – Examples
Example 1
The following command shows that alarms are enabled for the RMU
and PROTECTION audit classes for the mf_personnel database. Note
that the display shows that alarms are also enabled for the AUDIT
audit class. The AUDIT audit class is always enabled and cannot
be disabled.
$ RMU/SHOW AUDIT/ALL MF_PERSONNEL
Security auditing STOPPED for:
PROTECTION (disabled)
RMU (disabled)
AUDIT (enabled)
ACCESS (disabled)
Security alarms STOPPED for:
PROTECTION (enabled)
RMU (enabled)
AUDIT (enabled)
ACCESS (disabled)
Audit flush is disabled
Audit every access
Enabled identifiers:
None
Example 2
In the following example, the first command enables and starts
alarms for the RMU audit class for the mf_personnel database.
Following the first command is the alarm that is displayed on
a security terminal when the first command is executed. The
second command displays the auditing characteristics that have
been enabled and started. The RMU Show Audit command with the
All qualifier causes the alarm at the end of the example to be
displayed on the security terminal. Note that security-enabled
terminals only receive alarms if alarms have been both enabled
and started.
$ RMU/SET AUDIT/TYPE=ALARM/ENABLE=RMU/START MF_PERSONNEL
%%%%%%%%%%% OPCOM 8-JUL-1996 09:41:01.19 %%%%%%%%%%%
Message from user RICK on MYNODE
Oracle Rdb Security alarm (SECURITY) on MYNODE, system id: 32327
Database name: DDV21:[RICK.SQL]MF_PERSONNEL.RDB;1
Auditable event: Auditing change
PID: 21212274
Event time: 8-JUL-1996 09:41:01.17
User name: RICK
RMU command: RMU/SET AUDIT/TYPE=ALARM/ENABLE=RMU/START MF_PERSONNEL
Sub status: RMU required privilege
Final status: %SYSTEM-S-NORMAL
RMU privilege used: RMU$SECURITY
$ RMU/SHOW AUDIT/ALL MF_PERSONNEL
Security auditing STOPPED for:
PROTECTION (disabled)
RMU (disabled)
AUDIT (enabled)
ACCESS (disabled)
Security alarms STARTED for:
PROTECTION (disabled)
RMU (enabled)
AUDIT (enabled)
ACCESS (disabled)
Audit flush is disabled
Audit every access
Enabled identifiers:
None
%%%%%%%%%%% OPCOM 8-JUL-1996 09:43:07.94 %%%%%%%%%%%
Message from user RICK on MYNODE
Oracle Rdb Security alarm (SECURITY) on MYNODE, system id: 32327
Database name: DDV21:[RICK.SQL]MF_PERSONNEL.RDB;1
Auditable event: Attempted RMU command
PID: 21212274
Event time: 8-JUL-1996 09:43:07.92
User name: RICK
RMU command: RMU/SHOW AUDIT/ALL MF_PERSONNEL
Access requested: RMU$SECURITY
Sub status: RMU required privilege
Final status: %SYSTEM-S-NORMAL
RMU privilege used: RMU$SECURITY