Справочник Пользователя для 3e Technologies International Inc. 527A3

The 3e-527A3 collects audit data and provides an interface for au-

thorized administrators to review generated audit records. It generates 

records for two separate classes of events: authentication/access to the 

system, and actions taken directly on the system. All audit records in-

clude the date/time of the event, the identity associated with the event 

(such as the service, computer or user), the success/failure of the event 

and a definition of the event (by code or explanation).

Every start and stop of the audit service is noted in the audit record. 

For audit events resulting from actions of identified users, the 3e-527A3 

shall be able to associate each auditable event with the identity of the user 

that caused the event. The 3e-527A3 shall be able to include or exclude 

auditable events from the set of audited events based on object identity, 

user identity, subject identity, host identity, and event type. 

The TOE (Target of Evaluation) provides tools which can be used to 

review the audit records. These tools allow the user to query for records 

based on the identity associated with the record, such as the user or com-

puter which is associated with the event.

The Auditing screens contain auditing functions for the system. The 

screens and functions are detailed in the following subsections.

The Auditing—Log screen provides a listing of all the audit records. 

This log will rotate after it reaches the defined maximum size. You can not 

delete this log but you can export the file to a PC.