[Info-vax] Logging image activations
Jeremy Begg
jeremy.removethis at vsm.com.au
Thu Oct 29 23:27:02 EDT 2009
Hi Jan-Erik,
Jan-Erik Söderholm wrote:
> FrankS wrote:
>
>> On Oct 27, 6:26 pm, Jan-Erik Söderholm <jan-erik.soderh... at telia.com>
>> wrote:
>>
>>> Hm, maybe some ACL on the files to enable auditing of
>>> "execute" access ? That would be easy to add to the files
>>> anyway, I'm not sure about how easy it is to get reports.
>>> Maybe some mangling of the ANA/AUD output would do...
>>>
>>
>> That option would at least allow you to be more selective about which
>> executables get logged, instead of all image activations. The
>> assumption is that you know in advance the executables of interest.
>
>
> Yes, the images of interest are all in 4-5 applications
> specific directories. And they are also all on a application
> specific device. Most/all images that I'm not interested in
> are on the system device.
>
> I'll probably experiment with both the SET ACC/ENAB=IMAGE method
> and some ACLs to enable access auditing and see what's easiest.
If you know the directories you're interested in (and hence all the .EXE
files which might be run), and there aren't too many of them, you could use
$ INSTALL CREATE imagename /ACCOUNTING
This will cause each activation of the named image to be logged to the
accounting file, even if you don't have image accounting turned on.
Regards,
Jeremy Begg
More information about the Info-vax
mailing list