Previous Topic: View Queries and Reports to See CA Access Control EventsNext Topic: Prerequisites


Securing CA User Activity Reporting Module Using CA Access Control

To secure CA User Activity Reporting Module using CA Access Control, you must install CA Access Control on CA User Activity Reporting Module. You can control user access and secure audit logs received from a product or generated by CA User Activity Reporting Module by creating rules on CA Access Control.

Note: For information about creating rules on CA Access Control, see the CA Access Control documentation set.

Example: Create a Rule that Monitors User Access to the /data Folder

Suppose that you want to create a rule on CA Access Control that monitors user access to the /data folder of CA User Activity Reporting Module, do the following:

  1. Navigate to the installation path of CA Access Control.

    Default Installation Path: /opt/CA/Access Control

  2. Execute the following command:
    selang
    

    The CA Access Control command line interpreter is displayed.

  3. Execute the following command:
    nr GFILE CA_ELM_DBFILES owner(nobody) warning
    

    A new resource group CA_ELM_DBFILES is created for the DBFiles.

  4. Execute the following command:
    newres FILE /data/hot/* owner(nobody) defaccess(none) warning audit(failure)
    

    A new resource rule is created for the CA User Activity Reporting Module hot database files.

  5. Execute the following command:
    newres FILE /data/raw/* owner(nobody) defaccess(none) warning audit(failure)
    

    A new resource rule is created for the CA User Activity Reporting Module raw database files.

  6. Execute the following commands:
    editres GFILE CA_ELM_DBFILES mem+(/data/hot/*)
    

    The resource rule for the CA User Activity Reporting Module hot database files is added to CA_ELM_DBFILES.

  7. Execute the following commands:
    editres GFILE CA_ELM_DBFILES mem+(/data/raw/*)
    

    The resource rule for the CA User Activity Reporting Module raw database files is added to CA_ELM_DBFILES.

  8. Execute the following command:
    authorize GFILE CA_ELM_DBFILES uid(caelmservice) access(all)
    

    The message 'Successfully added caelmservice to CA_ELM_DBFILES's ACL' is displayed. A rule is created to monitor user access to the /data folder of CA User Activity Reporting Module.

  9. (Optional) Execute the following command to view the activities performed by a user on the hot database files and raw database files of CA User Activity Reporting Module:
    seaudit -a
    

More information:

Prerequisites