To configure Adaptive Server for auditing:
Log in to your machine using your Sybase System Administrator (“sa”) user account.
Start auditinit at the UNIX prompt:
$SYBASE/$SYBASE_ASE/install/auditinit
auditinit displays the following menu:
AUDITINIT 1. Release directory: /usr/u/sybase 2. Configure a Server product
Select Configure a Server Product.
Select Adaptive Server.
Select Configure an Existing Sybase Server.
Select the server to configure.
Provide the SA Password for the server you selected.
From the Sybase Server Configuration screen, select Configure Auditing.
As you proceed through the menus in auditinit, you can change any default values that appear. As you finish each menu, press Ctrl+A to accept the defaults or changed values and move to the next menu.
CONFIGURE AUDITING 1. Configure auditing: no 2. Add a device for audit table(s) 3. Add a device for the audit database transaction log 4. Delete a device entry 5. Change a device entry List of devices for the audit tables: Logical name Physical name Segment name Table name Size Device for the audit datbase transaction log: Logical name Physical name Segment name Table name Size
From the Configure Auditing screen, select Configure Auditing.
auditinit redisplays the Configure Auditing menu with the value “yes” displayed for Configure Auditing.
To create a device for an audit table:
From the Configure Auditing screen, select Add a Device for Audit Table(s).
auditinit displays the following menu:
ADD/CHANGE A NEW DEVICE FOR AUDITING 1. sybsecurity physical device name: 2. Logical name of the device: 3. Size of the device (Meg): 4. Device size for auditing:
Select Sybsecurity Physical Device Name.
Enter the full path of the physical device (raw partition) that you located in “Pre-installation tasks for auditing devices”.
Enter the physical name of the device to use for the audit database (default is " "): /dev/path_to_partition
where path_to_partition is the path to the raw partition for the device.
If you specify an operating system file, the following warning appears:
WARNING: '/secret1/sybase_dr/install/aud1.dat' is a regular file which is not recommended for a Server device.
Press Return to acknowledge the warning.
auditinit redisplays the Add/Change a New Device for Auditing menu, which displays the physical name of the device:
ADD/CHANGE A NEW DEVICE FOR AUDITING 1. sybsecurity physical device name: /secret1/sybase_dr/install/aud1.dat 2. Logical name of the device: 3. Size of the device: 4. Device size for auditing:
Proceed through the remaining items on this menu.
The Size of the Device value must be equal to or greater
than the Device Size for Auditing value. The Device Size for Auditing
must be equal to the device size. If you are following Sybase auditing
guidelines, you do not need to change the value displayed in Device
Size for Auditing.
Press Ctrl+A to accept the settings. auditinit returns to the Configure Auditing menu and displays the device you have created.
CONFIGURE AUDITING 1. Configure auditing: yes 2. Add a device for audit table(s) 3. Add a device for the audit database transaction log 4. Delete a device entry 5. Change a device entry List of devices for the audit tables: Logical name Physical name Segment name Table name Size
6.Audit_01' secret1/sybase_dr/install/aud1.dat’ sysaudits_01 5
To add multiple audit devices, repeat steps 1– 6.
You can add as many as eight devices. Sybase recommends adding three or more audit table devices.
After adding a device, auditinit returns to the Configure Auditing menu and displays all the devices you have created.
CONFIGURE AUDITING 1. Configure auditing: yes 2. Add a device for audit table(s) 3. Add a device for the audit database transaction log 4. Delete a device entry 5. Change a device entry List of devices for the audit tables: Logical name Physical name Segment name Table name Size 6. Audit_01' /secret1/sybase_dr/install/aud1.dat’ sysaudits_01 5 7. Audit_02' /secret1/sybase_dr/install/aud2.dat' sysaudits_02 5
To create a device for the audit database transaction log:
From the Configure Auditing menu, select Add a Device for the Audit Database Transaction Log.
auditinit displays the Add/Change a New Device for Auditing menu.
ADD/CHANGE A NEW DEVICE FOR AUDITING 1. sybsecurity physical device name: 2. Logical name of the device: 3. Size of the new device (Meg): 4. Device size for auditing:
Select Sybsecurity Physical Device Name.
auditinit prompts for the physical name and supplies you with a default, if available:
Enter the physical name of the device to use for the sybsecurity database (default is''): /dev/path_to_partition
where path_to_partition is the path to the raw partition for the device.
Enter the full path name of a physical device.
If you enter an operating system file name, the following warning appears:
WARNING: '/secret1/sybase_dr/install/audlog' is a regular file, which is not recommended for a Server device.
Press Return to acknowledge this warning.
auditinit displays the Add/Change a New Device for Auditing menu and the value you selected for the physical name of the device.
ADD/CHANGE A NEW DEVICE FOR AUDITING 1.sybsecurity physical device name: /secret1/sybase_dr/install/auditlog.dat 2.Logical name of the device: 3.Size of the device: 4.Device size for auditing:
Proceed through the remaining items on this menu. As you do so, be aware of the following:
Sybase recommends a minimum size of 2MB for the size of the transaction log.
auditinit displays the size in both Size of the Device and in Device Size for Auditing in the Add/Change a New Device for Auditing menu.
The Device Size for Auditing default value is equal to the size of the device, based on the assumption that you may want to devote the entire device to log for the auditing task. If you want to use only a subset of the device, you can edit the Size of the Device value.
Press Ctrl+A to accept the settings displayed in the Add/Change a New Device for Auditing menu.
auditinit returns to the Configure Auditing menu and displays all the devices you have created.
CONFIGURE AUDITING 1. Configure auditing: yes 2. Add a device for audit table(s) 3. Add a device for the audit database transaction log 4. Delete a device entry 5. Change a device entry List of devices for the audit tables: Logical name Physical name Segment name Table name Size
6. Audit_01' /secret1/sybase_ dr/install/aud1.dat’ sysaudits_01 5 7. Audit_02' /secret1/sybase_ dr/install/aud2.dat' sysaudits_02 5 8. auditlog /secret1/.../auditlog.dat logsegment syslogs 2
When you are ready to execute the audit configuration, press Ctrl+A. auditinit returns you to the Sybase Server Configuration screen.
Press Ctrl+A again. auditinit prompts with:
Execute the Sybase Server Configuration now?
Enter “y” (yes).
auditinit executes the tasks to install auditing. When the installation completes successfully, the following messages are displayed:
Running task: install auditing capabilities. ....................Done Auditing capability installed. Task succeeded: install auditing capabilities. Configuration completed successfully. Press <return> to continue.
After auditing is installed, no auditing occurs until a System Security Officer enables auditing with sp_configure. For more information, see the System Administration Guide.
To delete a device entry:
Select Delete a Device Entry from the Configure Auditing menu.
Enter the number of the device to delete.
Press return.
To change a device entry:
Select Change a Device Entry from the Configure Auditing menu.
Enter the number of the device to change.
auditinit displays the Add/Change a New Device for Auditing menu with information on the device you selected:
ADD/CHANGE A NEW DEVICE FOR AUDITING 1. sybsecurity physical device name: /secret1/sybase_dr/install/audlog 2. Logical name of the device: aud.log 3. size of the new device (Meg): 5 4. Device size for auditing:5
Select each remaining entry you want to change.
Press Ctrl+A to save the new entries.
