HP StorageWorks XP Audit Log reference guide for the XP12000/XP10000 and SVS 200 (5697-7157, November 2007)
Table Of Contents
- XP Audit Log reference guide
- Table of Contents
- About this guide
- 1 Introduction
- 2 Audit log file format
- 3 Audit log functions, operations, and products
- 4 Audit Log function
- 5 Account function
- 6 BASE function
- 7 Cache function
- 8 CFL function
- 9 CPAV function
- 10 Flex Copy XP function
- 11 LUN Security XP Extension function
- 12 ENAS function
- 13 Information function
- 14 Install function
- Add Host Group operation
- Add iSCSI Name operation
- Add iSCSI Target operation
- Add LU Path operation
- Add WWN operation
- All Config operation
- Assist Config operation
- Backup operation
- Backup Config operation
- Change Host Group operation
- Change iSCSI name operation
- Change iSCSI Target operation
- Change WWN operation
- DCR Prestaging operation
- Define Config. operation
- Delete DKC WWN operation
- Delete Host Group operation
- Delete iSCSI Name operation
- Delete iSCSI Target operation
- Delete LU Path operation
- Delete WWN operation
- DKU Emulation operation
- Force Reset operation
- Format operation
- Format Stop operation
- Init DKC iSCSI Name operation
- Initialize ORM Value operation
- Install operation
- Install CV operation
- Machine Install Date operation
- Make LUSE operation
- Make Vol./Vol. Init operation
- Micro Program operation
- MP Install operation
- M/F DCR operation
- New Installation operation
- Open DCR operation
- Patch Edit operation
- Release LUSE operation
- Restore operation
- Restore Config. operation
- Set Battery Life operation
- Set Channel Speed operation
- Set CommandDev operation
- Set CommandDevSec operation
- Set Fibre Address operation
- Set Fibre Topology operation
- Set Host Mode operation
- Set IP Address operation
- Set Security Switch operation
- Set Speed Mode operation
- Set Subsystem Time operation
- System Option operation
- System Tuning operation
- Uninstall operation
- Update Config operation
- Volume to Space operation
- 15 On Demand function
- 16 Logical Device (LDEV) function
- 17 LUN Manager (LUNM) function
- Add Host Group operation
- Add iSCSI Name operation
- Add iSCSI Target operation
- Add LU Path operation
- Add WWN operation
- Auth Info (Host) operation
- Auth Info (Target) operation
- Change Host Group operation
- Change iSCSI name operation
- Change iSCSI Target operation
- Change WWN operation
- Delete DKC WWN operation
- Delete Host Group operation
- Delete iSCSI name operation
- Delete iSCSI Target operation
- Delete LU Path operation
- Delete WWN operation
- Init DKC iSCSI Name operation
- Set Authentication operation
- Set Channel Speed operation
- Set CommandDev operation
- Set CommandDevSec operation
- Set FCSP Host operation
- Set FCSP Port Info operation
- Set FCSP Port Switch operation
- Set FCSP Target operation
- Set Fibre Address operation
- Set Fibre Topology operation
- Set Host Mode operation
- Set IP Address operation
- Set iSNS operation
- Set Security Switch operation
- Set Speed Mode operation
- Set TCP/IP Port operation
- 18 Logical Unit Number Expansion (LUSE) function
- 19 Maintenance function
- Blockade operation
- Correction Copy operation
- Drive Interrupt operation
- Format operation
- Format Stop operation
- Recover operation
- Replace operation
- Restore operation
- Restore Data operation
- Size Change operation
- Spare Disk operation
- Switch SVP operation
- Transfer Config operation
- Type Change operation
- Verify operation
- Verify Stop operation
- 20 Performance Control Base Monitor function
- 21 PORT function
- 22 Optional Product (PP) KEY function
- 23 Remote Control Unit (RCU) function
- 24 Serverless Backup Enabler (SBE) function
- 25 Volume Shredder (SHRED) function
- 26 Business Copy XP function
- 27 ShadowImage (SI) z/OS function
- 28 SNMP function
- 29 Performance Control function
- 30 Continuous Access XP function
- 31 TrueCopy (TC) z/OS function
- 32 Continuous Access XP - Journal function
- 33 Universal Replicator (UR) z/OS function
- 34 External Storage XP function
- 35 Virtual LVI / Virtual LUN (VLL) function
- 36 Auto LUN (ALUN) function
- 37 HP Disk/Cache Partition function
- 38 Volume Retention Manager (VRM) function
- 39 Volume Security (VSEC) function
- 40 V Volume (VVOL) function
- 41 XRCR function
- A Audit log file output by function
- Index
1 Introduction
This chapter introduces you to the audit logs created by XP Remote Web Console. It describes the
purpose of the logs, how to download them, and descriptions of the audit logs.
Introduction to audit log
The practice of logging and log management using syslog has been used for many years, but using
storage technology as part of the process is relatively new. The audit log function allows you to record
the access, activity, and configuration changes made to your storage system.
Audit log has two primary types of functions:
• Helps ensure data security by alerting management and administrators to unusual or suspicious
network and system behavior. This includes providing security auditors with the information required
to validate security policy enforcement and proper segregation of duties.
• Helps with regulatory compliance, by allowing you to implement centralized aggregation of log
data and formal data retention policies.
Increasing data security
Unfortunately, security incidents from both internal and external sources are a real possibility that
cannot be ignored. It is becoming increasingly common for data protection and privacy regulations
to hold firms accountable for safeguarding their data. The general legal standard is one of “due
care.” This means at a minimum complying with industry standards, which can include security best
practices and frameworks (such as, COBIT, BITS, COSO) and standards (such as, ISO 17799 and
NIST SP 800-53).
The audit log monitors and records log ins, log outs, and configuration changes to the storage system.
This helps you with root-cause analysis following any security breaches, violation of internal protocols,
or other incidents, and allows you to take preventive or corrective actions where necessary.
Providing an audit trail for regulatory compliance
Audit log allows you to maintain and provide evidentiary information that satisfies the ever-growing
body of laws and regulations. Businesses are now required to maintain certain types of data in a
format that will withstand an outside audit. At a minimum, these regulations require you to track data
ownership, and provide long-term protection and retention of the log data. Audit log helps businesses
meet the increasingly strict and complex regulatory requirements, and avoid civil and criminal liability.
Some examples of specific statutory requirements are as follows:
• In the United States, the Health Insurance Portability and Accountability Act (HIPAA) requires
hospitals, physicians, and managed care companies to adopt security, privacy, and data standards
for medical information. It requires organizations to “audit and monitor system and user activity
across the entire network, identify and investigate security breaches and suspicious behavior, and
maintain an audit trail of user and network activity.” HIPAA also specifies that companies should
“retain and protect log data as evidence...up to 6 years.”
XP Audit Log reference guide 25