|
HP OpenVMS Systemsask the wizard |
|
The Question is: Is there any way to track each single DCL command issued by a user and keep a complete activity log ? Something more transparent for the user than a "set host 0/log". The Answer is : Please consider reviewing the OpenVMS Frequently Asked Questions (FAQ), for discussions of and answers to many common questions. Yes, including this one. Search for MONITOR or AUDIT or other such terminology within the FAQ, and you will find pointers to Freeware and to available commercial packages that can be used to track user activity; to spy on system users. The OpenVMS Wizard generally recommends using system security auditing and of OpenVMS object protections and not keystroke monitors -- keystroke monitors are comparatively easy to defeat, and details are difficult to dig out of the voluminous logs that inevitably result, comparatively easy to obfuscate -- is that a DCL symbol or a DCL command the user just executed? -- and privileged users (as is normally the case) can override the logging mechanisms. DCL commands are not a class of object that can be protected and can be alarmed and/or audited. Files, global sections, devices, etc., can all be protected and alarmed/audited. Without appropriate system security and system alarms and audits configured, (host-based) logging can be irrelevent -- keystroke logging is secondary or tertiary to establishing and maintaining a proper local OpenVMS system security configuration. If you must have privileged users held accountable, use the two-password login mechanism and require that two users be present for all operations on each privileged username. (This is the intended use of the secondary password mechanism.) For information on security configuration recommendations, please see the appendix of the OpenVMS system security manual.
|