To secure CA User Activity Reporting Module using CA Access Control, you must install CA Access Control on CA User Activity Reporting Module. You can control user access and secure audit logs received from a product or generated by CA User Activity Reporting Module by creating rules on CA Access Control.
Note: For information about creating rules on CA Access Control, see the CA Access Control documentation set.
Example: Create a Rule that Monitors User Access to the /data Folder
Suppose that you want to create a rule on CA Access Control that monitors user access to the /data folder of CA User Activity Reporting Module, do the following:
Default Installation Path: /opt/CA/Access Control
selang
The CA Access Control command line interpreter is displayed.
nr GFILE CA_ELM_DBFILES owner(nobody) warning
A new resource group CA_ELM_DBFILES is created for the DBFiles.
newres FILE /data/hot/* owner(nobody) defaccess(none) warning audit(failure)
A new resource rule is created for the CA User Activity Reporting Module hot database files.
newres FILE /data/raw/* owner(nobody) defaccess(none) warning audit(failure)
A new resource rule is created for the CA User Activity Reporting Module raw database files.
editres GFILE CA_ELM_DBFILES mem+(/data/hot/*)
The resource rule for the CA User Activity Reporting Module hot database files is added to CA_ELM_DBFILES.
editres GFILE CA_ELM_DBFILES mem+(/data/raw/*)
The resource rule for the CA User Activity Reporting Module raw database files is added to CA_ELM_DBFILES.
authorize GFILE CA_ELM_DBFILES uid(caelmservice) access(all)
The message 'Successfully added caelmservice to CA_ELM_DBFILES's ACL' is displayed. A rule is created to monitor user access to the /data folder of CA User Activity Reporting Module.
seaudit -a
Copyright © 2013 CA.
All rights reserved.
|
|