Audit Analysis Officer

The AAO configures auditing and reads and analyzes the audit trail. The AAO can specify whether and how auditing is enabled, how the system responds to error conditions, and who is responsible for managing the audit trail.

For database server-managed auditing on UNIX, the AAO also determines the directory for the audit trail and the maximum size of each audit file.

The AAO can load the audit-trail data into a database server and use SQL to analyze it, either through a utility such as DB-Access or a customized application developed with the Informix® SQL API or application development tool.

The AAO performs these tasks with the onaudit and onshowaudit utilities, which The onaudit utility: Configure audit masks describes. If the AAO uses onaudit to change the audit configuration parameters during a database server session, the new values are written to the adtcfg.servernum file for that instance of the database server.

The installation script for the database server creates a $INFORMIXDIR/aaodir UNIX directory or a %INFORMIXDIR%\aaodir Windows directory, which contains files that the AAO uses. These files include the adtcfg audit configuration file and the adtcfg.std file, both of which contain examples of valid definitions for audit configuration parameters.

The AAO must have appropriate UNIX permissions or Windows access privileges to view all the data in the database server to analyze events that might involve sensitive information. The AAO decides whether to audit all actions of the DBSSO and the DBSA.

Tip: On UNIX, an AAO is any user who belongs to the group that owns $INFORMIXDIR/aaodir. On Windows, the administrator uses registry settings, through the Role Separation dialog box that opens during installation, to specify AAO users.