SECURITY Parameters

Client-wide variables that allows you to define security audit logs for authorized and/or denied accesses in the categories login, privilege, host access and object access.

You can set the different parameters in the Administration perspective, provided that you have the required privileges. Each access results in a security message that informs about the access time, user, access category, host and the actual access. Host information is only available if the user is logged on to the AWI. Usually, you cannot retrieve host information for tasks that are activated at runtime.

If these parameters are activated in Client 0 and an an unknown user makes an attempt to log on to the system, the access denial is logged in Client 0.

Notes:

  • Single assignments to variable values must be separated by commas.
  • Specify the variable values exactly as described. They are case sensitive.
  • Single assignments to values are not case sensitive.

SECURITY_AUDIT_FAILURE

  • Description: Logs denied access attempts in the categories login, privilege, host access and object access

  • Allowed values:

    • HOST_ACCESS: All the denied attempts to access a host are logged.

    • LOGON: All the denied login attempts are logged.

    • OBJECT_ACCESS: The denied attempts to access an object are logged.

    • USER_PRIVILEGES: All denied user privileges are logged.

  • Default value: Null

    No options unless explicitly mentioned.

  • Restart required: No

SECURITY_AUDIT_SUCCESS

  • Description: Logs authorized accesses in the categories login, privilege, host access and object access

  • Allowed values:

    • HOST_ACCESS: Authorized host accesses are logged

    • LOGON: Authorized logins are logged

    • OBJECT_ACCESS: Authorized object accesses are logged

    • USER_PRIVILEGES: Authorized user privilege uses are logged

  • Default value: Null

    No options unless explicitly mentioned.

  • Restart required: No

See also:

UC_CLIENT_SETTINGS - Various Client Settings