Contents

Audit Events

An audit event is a specific condition of the server or a particular change made in the server that is recorded. These events might range from the trivial to the vital. A policy is used to define the level of events that need be audited. Events might also be categorized based on functions such as Authentication, Authorization and Security Database Modification, where:

  • Authentication - Covers all authentication requests within the MQ server.
  • Authorization - Cover all authorization checks irrespective of whether a User is authorized to perform the action.
  • Security Database Modification – Covers all changes made to the security store such as creation/deletion of User/Group, setting of ACL permissions and so on.

Audit Policies

The Server decides whether to store an audit event, based on the policies defined by the User. These policies (or Filters or Storage Policies or Audit Policies) are rules which define certain conditions. The server records all audit events that match these conditions. Policies are configuration tools that the User has at his disposal to fine tune the detail of the events to be recorded.

When an event is recorded, the server checks with its policies to see if the event need be recorded.

Icon

So as to perform the actions specified in sections, Enabling Auditing and Disabling Auditing, a User needs adequate permissions. Please refer to the section ACLS for Audit Management with regard to 'permissions'.

Adaptavist ThemeBuilder EngineAtlassian Confluence