Manuals / Brands / Computer Equipment / Server / Sybase / Computer Equipment / Server

Sybase DC35823-01-1500-04 Overview of audit installation

1 150

Download 150 pages, 930.25 Kb

Adding auditing

114 Adaptive Server Enterprise

• The audit trail, which consists of several audit devices and tables that you

determine at configuration time

• The syslogs transaction log device, which stores transaction logs

The sybsecurity

device and database The sybsecurity device stores the sybsecurity database. The sybsecurity

database is created as part of the auditing configuration process. It contains all

the system tables in the model database, as well as a system table for keeping

track of server-wide auditing options and system tables for the audit trail.

Tables and devices for

the audit trail Adaptive Server stores the audit trail in system tables, named sysaudits_01

through sysaudits_08. At any given time, only one of the audit tables is current.

Adaptive Server writes all audit data to the current audit table. A System

Security Officer can use sp_configure to set or change which audit table is

current.

When you configure Adaptive Server for auditing, you determine the number

of audit tables for your installation. You can specify up to eight system tables

(sysaudits_01 through sysaudits_08). Plan to use at least two or three system

tables for the audit trail and to put each system table on its own device, separate

from the master device. If you do this, you can use a threshold procedure that

archives the current audit table automatically, before it fills up and switches to

a new, empty table for subsequent audit records.

Device for syslogs

systems table During auditing configuration, you must specify a separate device for the

syslogs system table, which contains the transaction log. The syslogs table,

which exists in every database, contains a log of transactions that are executed

in the database.

Overview of audit installation

There are two methods for installing auditing for the first time in Adaptive

Server:

•Use the installsecurity script. For information, see the System

Administration Guide.

•Use the auditinit utility. Tasks that you must perform before installing

auditing and instructions on using the auditinit utility follow.

Contents

Main Page Contents CHAPTER 2 Starting and Stopping Servers .................................................... 17 iv CHAPTER 3 Configuring the Operating System........... ................................... 29 CHAPTER 4 Adaptive Server Default Configuration........................................ 47 CHAPTER 5 Setting Up Communications Across the Network...................... 49 CHAPTER 7 Customizing Localization for Adaptive Server........................... 81 vi CHAPTER 8 Logging Error Messages and Events ........................................ 105 CHAPTER 9 Managing Adaptive Server Databases....................................... 109 CHAPTER 10 Adding Optional Functionality to Adaptive Server................... 113 About This Book Page Page Page Page Page Page xiv Syntax statements (displaying the syntax and all options for a command) appear as follows: For a command with more options: Page Page About Adaptive Server System-specific issues System user roles Environment variables Page Adaptive Server devices and system databases The master device The sybsystemdb device The sysprocsdev device Optional devices and databases Page dsync option on by default for database device files Determining the location, type, and size of a database device For Solaris, HP-UX, IBM AIX, and Linux For All Platforms Page Client/server communication Changing Adaptive Server configuration Languages other than U.S. English Adaptive Server specifications Adaptive Server specifications 14 CHAPTER 1 Introduction Table 1-3 lists the column and row limits for data-only-locked (DOL) tables. Adaptive Server specifications 16 Overview Requirements for starting servers Starting servers Server start-up parameters Changing start-up parameters Using a RUN_server_name file Using the startserver command Using the monserver and backupserver commands Starting servers when the operating system restarts Page For Sun Solaris and Linux Page Starting XP Server after initial installation Stopping servers Stopping Adaptive Server Stopping Backup Server Stopping Monitor Server Using the kill command Shutdown and shared memory files Page System Setting environment variables Configuring new servers with srvbuild Page Page Using the stty setting Restoring correct permissions File descriptors and user connections For AIX Displaying current soft and hard limits Increasing the soft limit Increasing the hard limit Sample program Enabling asynchronous disk I/O Page Page Adjusting the client connection timeout period Checking for hardware errors Monitoring the use of operating system resources For IBM RS/6000 For Sun Solaris and Linux A sample C shell maintenance script Page Configuration Default settings Default settings 48 Across the Network How Adaptive Server determines which directory service entry to use How a client uses directory services Creating a directory services entry Supported directory drivers Contents of an interfaces file Heterogeneous and homogeneous environments 54 Understanding the format of the interfaces file Understanding the format of the interfaces file 56 A TCP style entry looks like: Components of an interfaces file entry Table 5-2 describes the components of an interfaces file entry. CHAPTER 5 Setting Up Communications Across the Network Creating a master interfaces file Using dsedit or dscp to create a master interfaces file Using a text editor to create a master interfaces file Configuring interfaces files for multiple networks Configuring the server for multiple network handlers Sample interfaces files for multiple network handlers Configuring the client connections Using one network-independent DSQUERY name Using different DSQUERY names Configuring for query port backup IPv6 support Understanding IPv6 IPv6 infrastructure Starting Adaptive Server Enterprise as IPv6-aware Troubleshooting Server fails to start Error when executing an ESP Page Access Protocol as a Directory Service Overview LDAP directory services versus the Sybase interfaces file Page libtcl*.cfg file on page 73 The libtcl*.cfg file Enabling LDAP directory services Page Adding a server to the directory services Multiple directory services Encrypting the password Performance Migrating from the interfaces file to LDAP Page Adaptive Server Overview of localization support Language modules Default character sets for servers Changing the default language and character set Changing the default character set for servers Supported character sets Page Overview of localization support 86 Table 7-4 lists the traditional Chinese character set: Table 7-7 lists the Greek character set: Table 7-5 lists the Cyrillic character set: Table 7-6 lists the Eastern European character set: Page Overview of localization support 88 Table 7-13 lists the Unicode character set: Table 7-14 lists the Vietnamese character set: Table 7-15 lists the Western European character set: Character set conversion Conversions between server and client Sort orders Available sort orders Page Sort orders 92 Language modules Installing a new language module Message languages Localization Localization directories About the directory About the charsets directory About the locales.dat file Format of locales.dat file entries How client applications use locales.dat Editing the locales.dat file Changing the localization configuration Adaptive Server localization Backup Server localization Configuring Adaptive Server for other character sets Changing the localization configuration 100 Sort orders CHAPTER 7 Customizing Localization for Adaptive Server Character sets Table 7-18 lists the supported character sets and their Sybase name. Changing the localization configuration 102 charset utility CHAPTER 7 Customizing Localization for Adaptive Server Page Events Adaptive Server error logging Enabling and disabling error logging Setting error log paths Setting the Adaptive Server error log path Managing messages Logging user-defined messages New messages Existing messages Logging auditing events Databases Managing database devices Device requirements Creating files for database devices Page Page Adaptive Server Adding auditing Audit system devices and databases Overview of audit installation Pre-installation tasks for auditing devices Installing auditing Page Page Page Page Page Installing online help for Transact-SQL syntax Online syntax help: sp_syntax Default device for the sybsyntax database Installing sybsyntax Page Page Index Symbols A B 126 C D E F 128 G H I J K L 130 M N O P Q R S 132 T U