Chapter 10 457
Tuning, Troubleshooting, Security, and Maintenance
Auditing
Auditing
ITO distinguishes between different modes and levels of audit control.
The mode determines who is permitted to change the level of auditing;
the level determines what kind of auditing information is being collected.
Your company policy determines which auditing mode, normal or
enhanced, is used. Normal audit control is the default mode after
installation. In normal mode the ITO administrator can change the level
of auditing using the Configure Management Server window.
Enhanced audit control can only be set by the user root, and cannot be
reset without re-initializing the database.
You can select from the following audit levels:
❏ [No Audit]
ITO does not maintain any auditing information.
❏ [Operator Audit]
ITO maintains audit information about:
• operator logins and logouts, including attempted logins
• changes to the ITO user passwords
• all actions started from the browsers and from the Application
Desktop:
Operator Audit is the default level after installation.
❏ [Administrator Audit]
ITO maintains audit information about user logins and logouts,
including attempted logins and changes to the ITO user passwords.
In addition, ITO creates audit entries when actions are started from
the message browsers and in the Application Bank, and when the
configuration of ITO users, managed nodes, node groups, or templates
changes. See Table 10-11 on page 458 for a complete overview of the
audit areas that are included in this level.
