Try OpenEdge Now
skip to main content
Database Administration
Reference : PROUTIL Utility : PROUTIL AUDITARCHIVE qualifier
 

PROUTIL AUDITARCHIVE qualifier

Archives records from your audit data tables to a binary file.

Syntax

proutil db-name -C auditarchive [date-range]
    [-recs num-recs] [-nodelete] [-checkseal]
    [-directory directory-name]
    [-userid user-id[-password passwd]]
[ -Cipher 6]

Parameters

db-name
Specifies the database whose audit data you are archiving.
date-range
When specified, date-range limits the archived records as shown in the following table:
If your date range is . . .
Then the data archived is . . .
Blank
All audit data records in the database at the time the archive process begins.
One date
All audit data records in the database with a date equal to or earlier than the specified date.
Two dates, separated by a space
All audit data records in the database with times that fall between the two dates specified, inclusively. You must first specify the earlier date, followed by the later date.
Specify date-range with the format "mm-dd-yyyy hh:mm:ss.sss+hh:mm". You must include the quotation marks. For example, to specify 5:00 P.M. on September 7, 2005 EDT, enter "09-07-2005 17:00:00.000-04:00".
-recs num-recs
Specifies the number of records to delete in a single transaction. AUDITARCHIVE executes a transaction for every num-recs records it deletes. The default for num-recs is 100, and the maximum is your current Lock Table Entries (-L) setting. The multi-user default for -L is 8192.
-nodelete
Specifies that AUDITARCHIVE copy the audit data records to the archive file, leaving the audit data in the database. If not specified, AUDITARCHIVE will delete the audit data records as they are archived.
-checkseal
Specifies that AUDITARCHIVE verify that the seal of each audit data record matches the database MAC key prior to writing it to the audit archive file. This option requires that the audit policies in effect when writing the audit data records have specified a Data Security Level of DB Passkey. For more information on creating audit policies and data security, see OpenEdge Getting Started: Core Business Services - Security and Auditing.
-directory directory-name
Specifies the directory where the audit archive file is written. If you do not specify a value for directory-name, the file is written to your current working directory. If an audit data archive file for your database already exists in the output directory, you are prompted to confirm if you wish to proceed and overwrite the existing file, or exit the utility.
If you are purging your audit data and do not want the data written to the archive file, you must explicitly specify the "bit bucket" (/dev/null) as the output destination in directory-name.
-userid username
Specifies the user name of the privileged user. If you are using the _User table, username must be defined there, and you must include the -userid parameter to identify the user. If you are not using the _User table, use of -userid is optional; in this scenario, username specifies a local operating system login ID. Regardless of the source, username must have the Audit Data Archiver privilege in order to run AUDITARCHIVE.
-password passwd
Specifies the password for username. If you are using the _User table, passwd is the password defined for the user there. The value of passwd can be clear text or encrypted. If you are not using the _User table, and have specified a local operating system ID with -userid, passwd must be the encrypted value of the DB Pass key. See OpenEdge Getting Started: Core Business Services - Security and Auditing or the Data Administration online Help for information on the DB Pass Key. For information on encrypting a password, see the description of the genpassword utility in OpenEdge Getting Started: Installation and Configuration.
If you do not supply a password corresponding to username, the utility will prompt for it.
-Cipher 6
For an Enterprise database enabled for Transparent Data Encryption, specify -Cipher 6 to encrypt the output of the PROUTIL AUDITARCHIVE with a password-based encryption cipher (PBE). You are prompted to enter the passphrase for the cipher. You must remember this passphrase; you will be prompted to enter the passphrase when loading the audit archive.
AUDITARCHIVE archives audit data from the _aud_audit-data and _aud-audit-data-value tables. It also copies data from the _db-detail, _client-session, and _aud-event tables. The data archived is written to one file, named db-name.abd so that the data from all the tables is treated as a unit. The file is sealed with a time stamp and the MAC seal currently stored in the database.
Archiving audit data is an auditable event. If your active audit policy is configured to audit the execution of AUDITARCHIVE, then every time it runs an audit event will be generated. The audit data record that audits the archive event will not be deleted from the database when AUDITARCHIVE runs.

Notes

*The Audit Archive privilege is required to run AUDITARCHIVE.
*AUDITARCHIVE runs against a database that is online or offline.
*Multiple instances of AUDITARCHIVE can simultaneously run against the same database, however their output destinations must be unique directory specifications. If the data from multiple archives contains duplicate records, AUDITLOAD ignores the duplicates and continues to load the data without error.
*If an archive file exists in the specified output directory, AUDITARCHIVE will not overwrite it. AUDITARCHIVE issues a warning message and provides you with the choice of overwriting the existing file or exiting.
*If your archive file reaches the maximum file size for your operating system, a second file, db-name2.abd, will be written.
*When archiving audit data encrypted with Transparent Data Encryption, the output of the audit archive is not encrypted by default. Encrypt the archive file (container security) by specifying -Cipher 6 and entering a passphrase for the PBE cipher. You will be prompted to enter the passphrase when loading the contents of the archive file.