One thing to consider is the command stacks that are written to &savedlists& which has the command line activity. Not gospel as they can be manipulated but something. If it were me, I'd lock down command line access and/or the commands themselves. In past lives, I've had wrappers around system commands that did whatever logging was necessary. For example ED ran our special version which took the command line options and logged them and verified that the particular user was 'authorized' to use ED or access the file they entered.
Another method might be to COMO everything and change the name of the COMO command to something only your administrator knows so no one could 'COMO OFF'. Of course you'd need to lock down VOC changes and access to the UV account and certain system tables. A few ideas.... Mike R. -----Original Message----- From: u2-users-boun...@listserver.u2ug.org [mailto:u2-users-boun...@listserver.u2ug.org] On Behalf Of bpar...@nemianlife.lu Sent: Friday, October 23, 2009 4:52 AM To: u2-users@listserver.u2ug.org Subject: [U2] Command logging in Universe 10.2.1 Hi all, We are using Universe 10.2.1 to run a Life Insurance application and we use the UV command line to carry out various database administration tasks. All other access is via the application, where all transactions are recorded to an audit trail. We have the auditors in at the moment and they are very interested in having a compulsory tracing of the command line sessions logged as if a COMO ON was issued as the first command however I don't know of any way to make this mandatory, i.e. not allow COMO OFF. Does any one know any better. Many thanks for any help. Brian Parker Systems Manager Nemian Life and Pensions SA _______________________________________________ U2-Users mailing list U2-Users@listserver.u2ug.org http://listserver.u2ug.org/mailman/listinfo/u2-users _______________________________________________ U2-Users mailing list U2-Users@listserver.u2ug.org http://listserver.u2ug.org/mailman/listinfo/u2-users
