Reference Guide › Command Reference › AUDITEXT Command › Using ADDMDISK with Macros › When the AUDT Minidisk is Full

When the AUDT Minidisk is Full

While not all CA VM:Director commands are audited, most are. (For CA VM:Secure, this includes all ACI requests generated by protected CP commands.) When an audited command is issued and the AUDT minidisk is full, CA VM:Director punches audit records to the virtual punch instead of writing them to the disk file. This ensures that no audit records are lost. For every 30 records that are punched, CA VM:Director sends the following message to the users identified on the SYSOPER records in the PRODUCT CONFIG file, the CA VM:Director console, and the issuing user:

AUDIT DISK FULL, WAITING FOR AUDIT EXTRACT

An authorized user enters the AUDITEXT command to extract the current audit records and allow further writing of audit records to disk instead of a punch spool file.

If the AUDT minidisk was full, the issuer will receive two files:

1. A file on the minidisk specified with the command.
2. An overflow file. The overflow file is one of the following types:
   1. A spool file in their reader when the AUDIT file has fixed length records. The spool file is named sysid OVERFLOW, where sysid is the name of the virtual machine running CA VM:Director, and contains the records punched since the AUDT minidisk filled.
   2. A disk file when a variable length record format is used for the AUDIT file. A disk file named sysid OVERFLOW is created on the A disk of the authorized user. These records can be appended to the end of the retrieved AUDIT record disk file.