Chapter 2 HPSS Planning
HPSS Installation Guide September 2002 89
Release 4.5, Revision 2
2.8.4.7 Name Space
Enforcement of access to HPSS name space objects is the responsibility of the HPSS Name Server.
The access rights granted to a specific user are determined from the information contained in the
object's ACL.
2.8.4.8 Security Audit
HPSS provides capabilities to record information about authentication, file creation, deletion,
access, and authorization events. The security audit policy in each HPSS server determines what
auditrecords a server will generate. In general, all servers can create authentication events, but only
the Name Server and Bitfile Server will generate file events. The security audit records are sent to
the log file and are recorded as security type log messages.
2.8.5 Logging Policy
Thelogging policy provides the capability to control which message types are written to the HPSS
log files. In addition, the logging policy is used to control which alarms, events, and status
messages are sent to the Storage System Manager to be displayed. Logging policy is set on a per
serverbasis. Refer to Section 6.6.4: Configurethe Logging Policies (page 293) for a description of the
supported message types.
If a logging policy is not explicitly configured for a server, the default log policy will be applied.
The default log policy settings are defined from the HPSS Log Policies window. If no Default Log
Policy entry has been defined, all record types except for Trace are logged. All Alarm, Event, and
Status messages generated by the server will also be sent to the Storage System Manager.
The administrator might consider changing a server’s logging policy under one of the following
circumstances.
A particular server is generating excessive messages. Under this circumstance, the
administratorcould use the logging policy to limit the message types being logged and/or
sent to the Storage System Manager. This will improve performance and potentially
eliminateclutter from the HPSS Alarms and Events window. Message types to disable first
would be Trace messages followed by Debug and Request messages.
One or more servers is experiencing problems which require additional information to
troubleshoot. If Alarm, Debug, or Request message types were previously disabled,
enabling these message types will provide additional information to help diagnose the
problem. HPSS support personnel might also request that Trace messages be enabled for
logging.
2.8.6 Location Policy
Thelocation policy providestheability to control how often Location Servers at an HPSS site will
contact other servers. It determines how often remote Location Servers are contacted to exchange
server location information. An administrator tunes this by balancing the local site's desire for
accuracy of server map information against the desire to avoid extra network and server load.