Index

• AAO.
  • See also Audit analysis officer.
• aaodir directory (1), (2)
• Access privileges, Windows (1), (2), (3)
• Access to audit trail, controlling (1), (2), (3), (4)
• Accessibility
  • dotted decimal format of syntax diagrams
  • syntax diagrams, reading in a screen reader
• Adding audit masks
• Administrative roles
  • audit analysis officer
  • database administrator
  • database server administrator
  • database system security officer
  • listed
  • operating-system administrator
• Administrator
  • audit analysis officer
  • database
  • database server
  • database system security officer
  • operating system
• ADTADMMODE configuration parameter
  • changing dynamically
  • described
• ADTCFG file
  • aaodir directory
  • ADTADMMODE configuration parameter
  • adtcfg.std file
  • ADTMODE configuration parameter (1), (2)
  • audit configuration
    • UNIX (1), (2)
    • Windows (1), (2)
  • configuration parameters (1), (2)
  • conventions used (1), (2)
  • description of
  • UNIX audit file size
  • white space
• ADTERR configuration parameter (1), (2), (3)
• adtmasks.std file
• ADTMODE configuration parameter (1), (2), (3), (4)
• ADTPATH configuration parameter (1), (2), (3), (4)
• ADTSIZE configuration parameter (1), (2), (3)
• Aggregation
• Application Event log, Windows (1), (2)
• Audit
  • features
  • minimum events to audit
  • performance
  • process for
  • reasons for
  • record format
  • turning on auditing
• Audit administrator
  • audit analysis officer (1), (2)
  • audit configuration (1), (2)
  • audit instructions
  • audit masks (1), (2)
  • audit-trail analysis
  • auditing on or off (1), (2)
  • database system security officer (1), (2)
  • roles (1), (2)
  • security risk
• Audit analysis
  • creating a data file
  • importance of
  • loading audit data into a database
  • overview
  • preparing for (1), (2)
  • records indicating event failure
  • records indicating event success
  • strategies for
  • with SQL
    • creating a command file
    • creating a database and table
    • description
    • performing
    • preparing for
  • without database
  • without SQL (1), (2)
• Audit analysis officer (AAO)
  • audit administrator (1), (2)
  • role description
  • security threats
  • UNIX
  • Windows registry settings
• Audit configuration
  • ADTCFG file
  • changing from a command line
  • showing
    • from a command line (1), (2)
    • with onshowaudit
  • UNIX onaudit output
  • Windows
    • ADTCFG file
    • onaudit output
• Audit data
  • controlling access to
  • creating a table for
  • loading into database
  • privileges to protect
• Audit error mode
  • and onaudit
  • changing
  • in ADTCFG file
  • setting
• Audit events
  • alphabetical listing of codes (1), (2)
  • displaying
  • fields shown
  • listed
  • minimum ones to audit
• Audit files, UNIX
  • See also Audit trail.
  • controlling access to
  • directory
    • specifying with ADTPATH
    • specifying with onaudit
  • error modes when writing to
  • extracting information with onshowaudit
  • location of
  • naming
  • properties of
  • specifying maximum size
    • with ADTSIZE
    • with onaudit
  • starting
    • new file
    • with onaudit (1), (2)
  • storage
    • in database server
    • in operating system
  • write errors
• Audit instructions
  • minimum events to audit
  • resource and performance implications
  • who sets
• Audit level, setting
• Audit masks
  • _default mask
  • _exclude mask
  • _require mask
  • adding
  • base mask
  • compulsory masks
  • conflict in audit instructions (1), (2)
  • creating a template
  • creating a user mask from a template mask
  • creating from a command line
  • deleting (1), (2)
  • displaying
  • how to use
  • individual user mask
  • maintaining
  • modifying
    • command syntax for
    • from a command line
    • from an input file
    • instructions
  • restricted names
  • setting up default and compulsory
  • showing
  • specification with onaudit
  • templates
  • types, listed
  • user mask
• Audit records
  • controlling access to
  • interpreting extracted information
• Audit trail
  • administration (1), (2)
  • controlling access to (1), (2)
  • extracting information with onshowaudit
  • multiple records for single event
  • operating-system, UNIX
  • reviewing
  • starting a new UNIX file
  • starting auditing from a command line (1), (2)
  • storing
    • in database server
    • in operating system (1), (2), (3)
  • UNIX file permissions (1), (2), (3), (4), (5), (6)
  • UNIX files
  • Windows access privileges
  • Windows Application Event log
• Audit trail, controlling access to
• Auditing
  • ADTCFG file
    • UNIX (1), (2)
    • Windows (1), (2)
  • creating user masks from template masks
  • displaying fragmentation information
  • error mode levels
  • granularity
  • operating system versus database server
  • setting the level
  • setting up
  • specifying UNIX directory
    • with ADTPATH
    • with onaudit
  • turning off (1), (2), (3)
  • turning on (1), (2), (3)

• Base mask, defined
• Boldface type
• Browsing

• Changing the audit error mode
• Changing the system audit configuration
• Code, sample, conventions for
• Code set, ISO 8859-1
• Command files
  • creating for dbload
  • use with dbload
• Command-line conventions
  • how to read
  • sample diagram
• Compliance
  • with industry standards
• Compulsory audit masks
  • setting up
  • when applied
• Configuration, audit
  • displaying (1), (2)
  • maintaining
  • overview
  • tasks listed
• Configuration parameters
  • ADTADMMODE
  • ADTERR (1), (2), (3)
  • ADTMODE (1), (2), (3), (4)
  • ADTPATH (1), (2), (3)
  • ADTSIZE (1), (2), (3)
  • described
  • listed (1), (2)
• Configuring role separation
• Contact information
• Continue error modes
• Controlling access to audit trail (1), (2), (3), (4), (5)
• Conventions
  • command-line
  • documentation
  • sample-code
  • syntax diagrams
  • syntax notation
  • typographical
• Coserver (1), (2)
• Creating a data file
• Creating a database and table for audit data
• Creating a user mask from a template mask
• Creating an audit mask from a command line

• DAC.
  • See also Discretionary Access Control.
• Data
  • audit, loading into database
  • creating a file for dbload (1), (2)
  • extracting with onshowaudit
• Database
  • creating for Dynamic Server audit records
  • creating for XPS audit recordsExtended Parallel Server
    • creating database for audit records
  • sysmaster
• Database administrator (DBA)
• Database server
  • audit log (1), (2)
  • auditing (1), (2)
  • managing auditing
    • with ADTMODE
    • with onaudit
  • monitoring events and users
  • naming convention
  • quiescent mode
• Database server administrator (DBSA)
  • administrative role
  • role description
  • security threats
• Database system security officer (DBSSO)
  • audit administrator (1), (2)
  • role description
  • security threats
  • UNIX
  • Windows registry settings
• DB-Access utility
• DBA.
  • See also Database administrator.
• dbload utility
  • creating a command file for
  • creating a data file for
  • creating a database and table for
  • creating onshowaudit output files for
  • loading audit data into a database
  • redirecting onshowaudit output
• DBMS security threats
• DBSSO.
  • See also Database system security officer.
• dbssodir directory
• Default audit mask
  • setting up
  • when applied
• Default locale
• Deleting audit masks (1), (2)
• Demonstration databases
• Directory
  • aaodir
  • specifying for UNIX audit files
    • with ADTPATH
    • with onaudit (1), (2)
• Disabilities, visual
  • reading syntax diagrams
• Discretionary Access Control (DAC)
• Displaying
  • audit configuration (1), (2), (3)
  • audit masks (1), (2)
• Distributed database configuration threats
• Documentation, types of
  • machine notes
  • online manuals
  • printed manuals
• Documentation conventions
• Documentation Notes
• Documentation set of all manuals
• Dotted decimal format of syntax diagrams
• Dynamic Server
  • audit record format for
  • extracting and loading audit records for

• en_us.8859-1 locale
• Enable Role Separation check box
• Enforcing role separation
• Environment variable
  • INF_ROLE_SEP
  • NODEFDAC
• Environment variables
• Error messages
• Error messages log, size of
• Error mode
  • and ADTERR
  • and onaudit
  • changing
  • continue
  • halt
  • implications of
  • setting
  • when writing to an audit file
• Event codes, alphabetical listing (1), (2)
• Event failure
• Event success
• Events
  • defined
  • fields shown
  • level of auditing for specified
  • mnemonics listed (1), (2)
  • which ones to audit
• Exclude audit mask
• Extended Parallel Server
  • audit record format
  • extracting and loading audit records for
  • specifying location in ADTCFG file

• Fields for audit events
• File
  • ADTCFG
  • data, creating for dbload (1), (2)
  • input
    • for modifying masks
    • for onaudit
  • UNIX audit
    • controlling access to (1), (2)
    • location of
    • naming
    • starting new file
    • starting with onaudit (1), (2)
    • storage in database server
    • storage in operating system
• FILE statement
• Fixed and Known Defects File
• Format
  • for audit records
  • for dbload data file
  • for onaudit input file
• Fragmentation, information in audit events

• Global Language Support (GLS)
• Guidelines for assigning roles

• Halt modes (1), (2)
• Help

• Industry standards, compliance with
• INF_ROLE_SEP environment variable
• Informix Dynamic Server documentation set
• informix user account (1), (2), (3), (4)
• INFORMIXDIR/bin directory
• Input file for onaudit utility
• Insider attack
• Installation Guides
• ISO 8859-1 code set
• IXUSERS seccfg setting

• Keywords
  • in syntax diagrams

• Level of auditing, determining
• Loading onshowaudit data into a database table
• Locale
  • default
  • en_us.8859-1

• Machine notes
• Malicious software security threats
• Manual
  • purpose of
  • types of users
• Mask
  • _default
  • _exclude
  • _require
  • creating
    • template
    • user mask from a template mask
    • user mask without a template mask
    • with onaudit
  • deleting (1), (2)
  • displaying
  • how to use
  • modifying
    • from an input file
    • from the command line
    • with onaudit
  • onaudit input-file format
  • setting up compulsory
  • setting up default
  • showing with onaudit
  • specification with onaudit
  • template
  • types, listed
  • user
• Message facility
• Message log
• Message Server service
• Mnemonics, alphabetical listing for events (1), (2)
• Modifying audit masks (1), (2)

• Named pipes interprocess communications
• New features, Version 9.2
• NODEFDAC environment variable

• Obsolete user security threats
• onaudit utility
  • ADTADMMODE parameter
  • ADTERR parameter (1), (2)
  • ADTMODE parameter
  • ADTPATH parameter
  • ADTSIZE parameter
  • audit events, adding to audit masks
  • audit file location
  • audit masks
    • creating
    • deleting (1), (2)
    • described
    • displaying
    • showing from command line
  • auditing mode levels (1), (2)
  • auditing on or off
  • changing the audit error mode
  • changing the system audit configuration
  • description of (1), (2), (3)
  • displaying the audit configuration
  • error-mode levels
  • error modes
  • fragmentation information
  • HDR limitations
  • input-file format
  • level of auditing for certain events
  • masks, modifying (1), (2)
  • railroad diagram of
  • setting the error mode
  • showing the audit configuration
  • specifying a directory for UNIX audit files
  • starting a new UNIX audit file
  • storage of audit records
  • syntax (1), (2)
  • template mask
    • creating
    • creating a user mask from
    • creating a user mask without
  • turning off auditing
  • turning on auditing
  • UNIX operations
  • used by AAO
  • used by DBSSO
  • who can run
  • Windows operations
• ONCONFIG file (1), (2), (3)
• Online help
• Online manuals
• Online mode
• Online notes (1), (2)
• onshowaudit utility
  • audit trail access
  • data extraction from audit trail (1), (2)
  • description of
  • extracting data for audit analysis
  • listing of audit events for analysis
  • output accessible by AAO
  • role separation
  • syntax (1), (2)
  • used by AAO
  • using dbload with
  • who can run (1), (2)
• Operating system
  • audit log
  • audit record format
  • auditing
  • coordinating auditing between AAO and OSA
  • managing auditing
    • with ADTMODE (1), (2)
    • with onaudit
  • protected subsystem for audit trail
  • storing audit records (1), (2)
• Operating-system administrator (OSA)
  • administrative role
  • role defined
  • security threats
• Operating-system audit trail, UNIX
• OSA.
  • See also Operating-system administrator.

• Parameters, configuration
  • ADTADMMODE (1), (2)
  • ADTERR (1), (2), (3)
  • ADTMODE (1), (2), (3)
  • ADTPATH (1), (2), (3)
  • ADTSIZE (1), (2), (3)
  • described
  • listed (1), (2)
• Path, specifying for auditing
  • with ADTPATH
  • with onaudit
• Performance implications of auditing
• Performing SQL audit analysis
• Permissions, UNIX (1), (2), (3)
• Preparing for audit analysis (1), (2)
• Primary security threats
• Printed manuals
• Privileged activity security threats
• Privileged environment, security threat from untrusted software
• Privileged users
• Privileges to protect audit data
• Purpose of manual

• Queries by browsers
• Quiescent mode

• Raw audit records
• Registry settings, Windows
  • for AAO
  • for DBSSO
  • for role separation
• Release Notes
• Remote access to data, security threat
• Require audit mask
• Resource implications of auditing
• Responding to security problems
• Role separation and onshowaudit
• Role Separation dialog box (1), (2)
• Roles
  • administrative, listed
  • assigning
  • audit analysis officer
  • configuring and enforcing
  • database administrator
  • database server administrator
  • database system security officer
  • no separation, security configuration for
  • operating-system administrator
  • separation (1), (2), (3), (4)
• root user account (1), (2)

• sales_demo database
• Sample-code conventions
• Screen reader
  • reading syntax diagrams
• seccfg file
• Security configuration for audit files
• Security Event log, Windows
• Security threats
  • aggregation
  • audit analysis officer
  • browsing
  • database server administrator
  • database system security officer
  • DBMS
  • distributed databases configuration
  • granting remote access to data
  • insider attack
  • introduction of malicious software
  • obsolete user
  • operating-system administrator
  • primary
  • privileged activity
  • responses to
  • setting the auditing level
  • shared-memory connection
  • untrusted software in privileged environment
• SERVERNUM configuration parameter
• Session, effects of errors
• setenv utility
• Shared-memory connection
• Showing
  • audit configuration
  • audit masks
• Size, specifying maximum for UNIX audit files
  • with ADTSIZE
  • with onaudit
• SMI sysadtinfo table
• Software dependencies
• Specification, audit mask
• SQL code
• SQL statement
  • CREATE DATABASE (1), (2)
  • GRANT
  • REVOKE
• sqlhosts directory
• Storage of UNIX audit files
  • in database server
  • in operating system
  • new file (-n) option
• stores_demo database
• Strategies for audit analysis
• superstores_demo database
• Superuser (root)
• Syntax
  • onaudit utility
  • onshowaudit utility
• Syntax diagrams
  • conventions for
  • keywords in
  • reading in a screen reader
  • variables in
• Syntax segment
• sysadtinfo table
• sysaudit table
• sysmaster database
• sysmaster database, sysadtinfo table

• Table
  • creating for audit data
  • sysadtinfo
• Template audit masks
  • base mask
  • creating from user masks
  • creating with onaudit
  • description
  • naming rules
• Thread, suspended
• TOC Notes
• Trojan horse
• Typographical conventions

• UNIX
  • ADTCFG file (1), (2)
  • audit configuration (1), (2)
  • audit files
    • data extraction
    • directory (1), (2), (3), (4)
    • error modes when writing to
    • location
    • naming
    • new (1), (2), (3)
    • properties
    • size (1), (2), (3)
    • storage in database server
    • storage in operating system
  • audit-trail files
  • machine notes file
  • onaudit output
  • operating-system audit trail
  • operations with onaudit
  • permissions (1), (2)
  • workstations
• UNIX operating system
  • default locale for
• Unscrupulous user (1), (2), (3), (4)
• Untrusted software
• User informix
  • audit files owner
  • retrieving audit configuration information
  • running onaudit
  • running onshowaudit (1), (2), (3)
• User mask
  • and _default mask
  • creating from a template mask
  • creating without a template mask
• Users
  • accounts with same name
  • auditing (1), (2)
  • privileged
  • system
• Utilities
  • dbload.
    • See also dbload utility.
  • onaudit.
    • See also onaudit utility.
  • onshowaudit.
    • See also onshowaudit utility.
  • setenv

• Variables, in syntax diagrams
• Visual disabilities
  • reading syntax diagrams

• White space in ADTCFG file
• Windows
  • access privileges (1), (2)
  • access privileges for audit trail (1), (2)
  • ADTCFG file
  • Application Event log (1), (2), (3)
    • description
  • audit configuration (1), (2)
  • audit trail in Application Event log
  • default locale for
  • onaudit output
  • operations with onaudit
  • registry settings
    • for AAO
    • for DBSSO
    • for role separation
  • Security Event log (1), (2)
• Windows XP

• Zero (0)
  • ADTADMMODE setting
  • ADTERR setting
  • ADTMODE default value
  • continue error code
  • onaudit error mode