Home » HP Manuals » Storage Devices » HP XP20000/XP24000 » Manual Viewer

HP XP20000/XP24000 HP StorageWorks XP24000/XP20000 Audit Log Reference Guide ( - Page 24

Table 4 Items in the Syslog File

View all HP XP20000/XP24000 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 24 highlights

Table 4 Items in the Syslog File (continued) No. Item Description 7 Message identification The serial number of the syslog header information. information 8 Message ID. Not displayed because it is not used. 9 Date, time#21 The date, time and the time difference between UTC (Coordinated Universal Time) in the format of YYYY-MM-DD-Thh:mm:ss.s hh:mm (YYYY: year, MM: month, DD: day, hh: hour, mm: minute, ss.s: second, hh: hours of the time difference and mm: minute of the time difference) Z is displayed instead of hh:mm when there is no time difference between UTC, such as 2005-12-26T:23:06:58.0Z. The displayed format for second ss.s represents one decimal place. 10 Detection entity 11 Detected location 12 Type of audit event The detection entity identification character (Storage). The host name (SVP). The category name of the event as described in the following example: • Authentication. iSCSI login or authentication of RMI (Remote Method Invocation) • ConfigurationAccess. Setting from Remote Web Console, SVP, or host. • AnomalyEvent. Reached the maximum of the audit log, etc. • Maintenance. SVP maintenance. 13 Result of the audit event The result of the audit event: • Success: Normal end. The operation has ended normally. • Failed: Error (xxxx-yyyy). The operation has ended abnormally. • Failed: Warning (xxxx-yyyy). The operation has partly ended abnormally or was canceled during the operation. Error codes are described as xxxx-yyyyy. SVP operations or commands from the host do not output error codes. 14 Subject identification The user name in the format of uid=user name. information • When the category name is AnomalyEvent, or the DKA Encryption License Key is created, is output. • is output for SVP operation. • is output for commands from host. 15 Hardware identification The ID (R600) to identify the model name of the product and the serial number divided information by a colon. 16 Generated location Not displayed because it is not used. information 17 Related information The location identification name set by the user in the Syslog window. 18 FQDN. Not displayed because it is not used. 19 Redundant identification information. Not displayed because it is not used. 20 Agent information Not displayed because it is not used. 24 Audit Log File Format

Section	Page
XP24000/XP20000 Audit Log User and Reference Guide	1
Contents	3
1 Introduction	12
Purpose of Audit Logs	12
Download the Audit Log Information Files to the Remote Web Console Computer	13
Download the Syslog Information File to the Remote Web Console Computer	13
Transferring the Audit Log Information File to the FTP Server	13
Transferring the Audit Log Files to Syslog Servers	15
Storing Audit Logs	17
Audit Log File Description	18
2 Audit Log File Format	20
Audit Log Information File	20
Syslog Information File	22
Syslog Information File Monitoring Threshold	26
3 Information Output in the Audit Log Information File	27
Operation of Remote Web Console and SVP	27
Receiving Command from the Host	36
DKA Encryption License Key Operation	36
PIN Deletion Tool Operation	36
Audit Log Reproduced Output	37
Audit Log Lost Output	37
4 Sample Audit Logs of Remote Web Console PC and SVP Operations	38
5 Account Function	39
Set User Account Operation	39
Set Login Message Operation	41
6 Audit Log Function	43
Audit Log Buffer	43
Create File	43
DKCAuditLog was lost	43
Over MaxLine Event	44
Over Threshold Event	44
Set FTP Server Operation	44
Set Syslog Server Operation	45
SIM Complete Operation	46
7 BASE Function	47
Certificate Update Operation	47
Control Panel Backup Operation	47
Control Panel Restore Operation	48
Delete CVAE Info Operation	48
Environment Setting Operation	49
Login Operation	49
Logout Operation	50
Release HTTP Block Operation	50
Set CVAE Info Operation	51
Set System Info Operation	51
Set Up HTTP Block Operation	52
Storage Device Add Operation	52
Storage Device Del Operation	53
Storage Device Edit Operation	54
8 XP Business Copy Software Function	55
Change Reserve Operation	55
Initialize Operation	55
Option Operation	55
Pair Create Operation	56
Pairresync Operation	57
Pairsplit Operation	57
Pairsplit-E Operation	58
Pairsplit-S Operation	58
9 Cache Function	60
DCR Prestaging Operation	60
Delete Cache Residency Manager for z/OS (M/F DCR) Operation	60
Delete Open Cache Residency Manager (Open DCR) Operation	60
Set Cache Residency Manager for z/OS (M/F DCR) Operation	61
Set Open Cache Residency Manager (DCR) Operation	62
10 CFL Function	63
LUNM Operation	63
VRM Operation	63
11 CFL Extension Function	64
CflSet Start Operation	64
CflSet End Operation	64
12 XP Continuous Access Software Function	65
Add CTG Operation	65
Change Async Option Operation	65
Change CTG Option Operation	66
Change Option Operation	66
Change Pair Option Operation	67
Delete CTG Operation	68
Function Switch Operation	68
Paircreate Operation	69
Pairresync Operation	70
Pairsplit-r Operation	71
Pairsplit-S Operation	72
13 XP Continuous Access Journal Software Function	74
Journal-Option Operation	74
Journal-Vol Operation (Add Parameter)	75
Journal-Vol Operation (Group-Delete Parameter)	76
Paircreate Operation	76
Pairresync Operation	77
Pairsplit-r Operation	78
Pairsplit-S Operation	79
Pair-Option Operation	80
R-Cmd. Dev. Operation	81
System-Option Operation	82
14 XP for CPAV Software Function	83
Add Alias Operation	83
Delete Alias Operation	83
15 Data Retention Utility Function	85
Attribute Operation	85
Expiration-Lock Operation	85
16 XP Disk/Cache Partition Function	87
Set Operation	87
17 Email Info Function	89
MailAddress Write Operation	89
Valid Flag Update Operation	89
18 XP External Storage Access Manager function	91
Add Quorum Disk ID Operation	91
Del Quorum Disk ID Operation	91
Paircreate Operation	92
Pairresync Operation	93
Pairsplit-r Operation	93
Pairsplit-S Operation	94
19 XP External Storage Software Function	96
AddVolume(FIBRE) Operation	96
BlockPaths(FIBRE) Operation	97
Change-CacheMode Operation	98
ChangePaths(FIBRE) Operation	98
CheckPaths(FIBRE) Operation	99
ChkPath-RestoreVol Operation	100
DeleteVolume(FIBRE) Operation	100
Disconnect-Volume Operation	101
DividePathGroup Operation	102
Inflow-Control Operation	102
UnitePathGroup Operation	103
WwnTimer Operation	104
20 FC Function	105
Set SCP Time Operation	105
21 Information Function	106
Delete Log Operation	106
ORM Value Operation	106
SIM Complete Operation	107
SIM Reporting Option Operation	108
Threshold Value Operation	109
22 Install Function	111
Add Host Group Operation	111
Add LU Path Operation	111
Add WWN Operation	112
All Config Operation	112
Assist Config Operation	113
Backup Config Operation	113
Change Host Group Operation	114
Change WWN Operation	114
Cache Residency Manager (DCR) Prestaging Operation	115
Define Config. Operation	115
Delete Disk Controller (DKC) WWN Operation	115
Delete Host Group Operation	116
Delete LU Path Operation	116
Delete WWN Operation	117
Disk Unit (DKU) Emulation Operation	117
Force Reset Operation	118
Format Operation	118
Format Stop Operation	119
Initialize ORM Value Operation	119
Install Operation	120
Install CV Operation	125
Machine Install Date Operation	126
Make LUSE Operation	126
Make Vol./Vol. Init Operation	127
Micro Program Operation	128
MP Install Operation	129
M/F DCR (Cache Residency Manager for z/OS) Operation	129
New Installation Operation	130
Open DCR (Cache Residency Manager) Operation	130
Patch Edit Operation	131
Release LUSE Operation	132
Restore Config. Operation	132
Set Battery Life Operation	133
Set Channel Speed Operation	134
Set Command Device (CommandDev) Operation	134
Set Command Device Security (CommandDevSec) Operation	135
Set Encryption Key Operation	135
Set Fibre Address Operation	135
Set Fibre Topology Operation	136
Set Host Mode Operation	136
Set IP Address Operation	137
Set Security Switch Operation	138
Set Speed Mode Operation	139
Set Subsystem Time Operation	139
System Option Operation	140
System Tuning Operation	142
Uninstall Operation	143
Update Config Operation	147
Volume to Space Operation	147
23 LDEV Function	149
Volume-Blockade Operation	149
Volume-Format Operation	149
Volume-Format(H) Operation	150
Volume-Format(Q) Operation	150
Volume-Restore(N) Operation	151
24 LUNM Function	152
Add Host Group Operation	152
Add Logical Unit (LU) Path Operation	152
Add World Wide Name (WWN) Operation	153
Change Host Group Operation	153
Change WWN Operation	154
Delete Disk Controller (DKC) World Wide Name (WWN) Operation	154
Delete Host Group Operation	155
Delete Logical Unit (LU) Path Operation	155
Delete World Wide Name (WWN) Operation	156
Set Channel Speed Operation	156
Set Command Device (CommandDev) Operation	157
Set Command Device Security (CommandDev Sec) Operation	157
Set Fibre-Channel Security Protocol (FCSP) Host Operation	158
Set Fibre-Channel Security Protocol (FCSP) Port Info Operation	158
Set Fibre-Channel Security Protocol (FCSP) Port Switch Operation	159
Set Fibre-Channel Security Protocol (FCSP) Target Operation	160
Set Fibre Address Operation	160
Set Fibre Topology Operation	162
Set Host Mode Operation	162
Set Security Switch Operation	164
Set Speed Mode Operation	165
Set UUID Operation	165
25 LUSE Function	167
Make LUSE Operation	167
Release LUSE Operation	167
26 Maintenance Function	168
Blockade Operation	168
Correction Copy Operation	168
Drive Interrupt Operation	169
Format Operation	169
Format Stop Operation	170
Pre Quick Format Stop Operation	170
Quick Format Operation	171
Recover Operation	172
Replace Operation	172
Restore Operation	173
Restore Data Operation	174
Size Change Operation	174
Spare Disk Operation	175
Switch SVP Operation	175
Transfer Config Operation	176
Type Change Operation	176
Verify Operation	177
Verify Stop Operation	177
27 OND Function	178
Release Cache/CLPR Operation	178
28 XP Performance Control (Perf Ctrl) Function	179
Change XP Performance Control Group (PerfCtrlGrp) Operation	179
Clear PPC Info Operation	179
Default Set Operation	179
XP Performance Control Group (PerfCtrlGrp) Delete/Change (Del/Chg) Operation	180
Set All Priority (Prio) Port Operation	181
Set All Priority (Prio) WWN Operation	181
Set Ctrl Kind Operation	182
Set Priority (Prio) Port Operation	182
Set Priority (Prio) WWN Operation	183
Update Port WWN Operation	184
Update XP Performance Control Group (PerfCtrlGrp) Operation	184
Update World Wide Name (WWN) Operation	185
29 Performance Monitor Function	187
Monitoring S/W Operation	187
Monitoring Switch (S/W) & CU Operation	187
30 PORT Function	188
Change Port Operation	188
31 Optional PP KEY Function	189
PP Apply Operation	189
PP Available Install Operation	189
PP Disable chk Operation	189
PP Enable chk Operation	190
PP Install chk Operation	190
PP Install File chk Operation	191
PP Uninstall chk Operation	191
SLPR PP Change Operation	192
32 RCU Function	193
Add Path Operation	193
Add RCU Operation	193
Change RCU Option Operation	194
Delete Path Operation	195
Delete RCU Operation	196
33 Volume Shredder Function	198
End Shredding Operation	198
Set Shredding Operation	198
Suspend Shredding Operation	199
34 SI for Mainframe Function	200
Add Pair Operation	200
Change Reserve Operation	200
CTG Operation	201
Delete Pair Operation	201
Initialize Operation	202
Option Operation	202
Resync Pair Operation	203
Split Pair Operation	204
Suspend Pair Operation	204
35 XP Snapshot Function	206
Pairsplit-S Operation	206
36 SNMP Function	207
Set SNMP Agent Operation	207
37 TC for Mainframe Function	208
Add CTG Operation	208
Add Pair Operation	208
Change Async Option Operation	210
Change CTG Option Operation	210
Change Option Operation	211
Change Pair Option Operation	212
Clear SIM Operation	212
Delete Cmd.Dev Operation	213
Delete CTG Operation	213
Delete Pair Operation	213
Function Switch Operation	214
Resume Pair Operation	215
Script Operation	216
Suspend Pair Operation	216
38 UR for Mainframe Function	218
Add-Pair Operation	218
Clear-SIM Operation	219
Delete-Pair Operation	219
Edit-EXCTG (Extended Consistency Group) Operation	220
Journal-Option Operation	221
Journal-Vol Operation (with Add Parameter)	222
Journal-Vol Operation (with Group-Delete Parameter)	223
Pair-Option Operation	224
R-Cmd.Dev. Operation	224
Resume-Pair Operation	225
Suspend-Pair Operation	226
System-Option Operation	227
39 VLL Function	229
Install CV Operation	229
Make Volume Operation	230
Set SSID Operation	231
System Disk Options Operation	231
Volume Initialize Operation	232
Volume to Space Operation	233
40 XP Auto LUN Software Function	234
Create Auto Plan Operation	234
Del Auto Plan Log Operation	234
Delete Auto Plan Operation	234
Del Migration Log Operation	235
Set Auto Plan Param Operation	235
Set Class Threshold Operation	236
Set Fixed PG Operation	237
Set Migration Vol Operation	237
Set Plan Condition Operation	238
Set Reserved Vol Operation	239
41 VRM Function	240
Attribute Operation	240
VTOC Operation	240
42 VSEC Function	242
Set Group Operation	242
43 VVOL Function	244
Add V-Vol (Snapshot) Operation	244
Add V-Vol (THP) Operation	244
Asso V-VOL/Rel Pool Operation	245
Delete V-Vol (Snapshot) Operation	246
Delete V-Vol (THP) Operation	247
Emulation Operation	247
Pool Change/Delete Operation	248
Pool Optimize Operation	249
Pool Restore Operation	249
Pool SIM Comp Req Operation	249
Set Pool Operation	250
Set XRC Option Operation	251
44 Audit Log Information for the Commands Sent from the Host	252
FC-SP — Operation Name	252
M/F I/F — Interface Name	252
OPEN I/F — Interface Name	252
45 Audit Log Information about the Key Used for the Encryption License Key	254
Encryption (ENC) Function — Create Enc. Key Operation	254
Encryption (ENC) Function — Enc. Key Backup Operation	254
Encryption (ENC) Function — Enc. Key Restore Operation	254
Encryption (ENC) Function — PG Enc. Set Operation	255
Install Function — Set Encryption Key Operation	255
PINDeletion Function — Delete Operation	255
46 Support and Other Resources	257
Related Documentation	257
Conventions for Storage Capacity Values	257
HP Technical Support	257
Subscription Service	258
HP Websites	258
Documentation Feedback	258
A Audit Log Information File Output by Function	259
B SVP Operations Output to the Audit Log File	273
C CFL Extension Operations Output to the Audit Log Information File	276

Match case Limit results 1 per page

Table 4 Items in the Syslog File

(continued)

Description

Item

No.

The serial number of the syslog header information.

Message identification

information

Message ID. Not displayed because it is not used.

The date, time and the time difference between UTC (Coordinated Universal Time)

in the format of YYYY-MM-DD-Thh:mm:ss.s

(YYYY: year, MM: month, DD:

day, hh: hour, mm: minute, ss.s: second,

: hours of the time difference and

minute of the time difference)

Z is displayed instead of

when there is no time difference between UTC,

such as 2005-12-26T:23:06:58.0Z.

The displayed format for second

ss.s

represents one decimal place.

Date, time#2

The detection entity identification character (Storage).

Detection entity

The host name (SVP).

Detected location

The category name of the event as described in the following example:

•

Authentication. iSCSI login or authentication of RMI (Remote Method Invocation)

•

ConfigurationAccess. Setting from Remote Web Console, SVP, or host.

•

AnomalyEvent. Reached the maximum of the audit log, etc.

•

Maintenance. SVP maintenance.

Type of audit event

The result of the audit event:

•

Success: Normal end. The operation has ended normally.

•

Failed: Error (xxxx-yyyy). The operation has ended abnormally.

•

Failed: Warning (xxxx-yyyy). The operation has partly ended abnormally or was

canceled during the operation.

Error codes are described as xxxx-yyyyy. SVP operations or commands from the

host do not output error codes.

Result of the audit event

The user name in the format of

uid=user name

•

When the category name is AnomalyEvent, or the DKA Encryption License Key is

created,

is output.

•

is output for SVP operation.

•

<Host>

is output for commands from host.

Subject identification

information

The ID (R600) to identify the model name of the product and the serial number divided

by a colon.

Hardware identification

information

Not displayed because it is not used.

Generated location

information

The location identification name set by the user in the

Syslog

window.

Related information

FQDN. Not displayed because it is not used.

Redundant identification information. Not displayed because it is not used.

Not displayed because it is not used.

Agent information

Audit Log File Format