PreviousNext

Programmer Tasks

The application programmer uses the DCE audit APIs to enable auditing in the application server program. Specifically, the programmer performs the following tasks:

1. Identifies the code points corresponding to the audit events in the application server program.

For example, a banking server program can have these functions: acct_open( ), acct_close( ), acct_withdraw( ), acct_deposit( ), and acct_transfer( ). Each of these functions can be designated as a code point, meaning that these are possible audit events that can be recorded (depending on the filter):

acct_open( ) /* first code point */

acct_close( ) /* second code point */

acct_withdraw( ) /* third code point */

acct_deposit( ) /* fourth code point */

acct_transfer( ) /* fifth code point */

2. Assigns an event number to each code point. The event numbers are used as parameters by the dce_aud_open( ) API, which opens an audit trail, and the dce_aud_start( ) API, which initializes the audit record for the code point. The programmer may want to define these event numbers in the server's header file.

For example:

/* event number for the first code point, acct_open( ) */

#define evt_vn_bank_server_acct_open 0x01000000

/* event number for the second code point, acct_close( ) */

#define evt_vn_bank_server_acct_close 0x01000001

/* event number for the third code point, acct_withdraw( ) */

#define evt_vn_bank_server_acct_withdraw 0x01000002

/* event number for the fourth code point, acct_deposit( ) */

#define evt_vn_bank_server_acct_deposit 0x01000003

/* event number for the fifth code point, acct_transfer( ) */

#define evt_vn_bank_server_acct_transfer 0x01000004

3. Adds a call to the dce_aud_open( ) API to the application server's initialization routines. This opens the audit trail file. This function uses the event number of the lowest numbered event, (in this case acct_open( )) as one of its parameters. For example:

main( )

/* evt_vn_bank_server_acct_open is the lowest event number */

dce_aud_open(aud_c_trl_open_write, description,

evt_vn_bank_server_acct_open,

5, &audit_trail, &status);

4. Adds Audit event logging functions to every code point in the application server code. These functions perform the following at each code point:

· Initializes an audit record by using the dce_aud_start( ) API. This function "assigns'' the event number to the code point representing an event. Thus, this function uses the event number as one of its parameters.

· Adds event-specific information to the audit record by using the dce_aud_put_ev_info( ) API.

· Commits the audit record using the dce_aud_commit( ) API. This function writes the audit record to the audit trail file.

Following is an example of how these APIs are used on the code points of the bank server program:

acct_open( ) /* first code point */


/* Uses the event number for acct_open( ), */

/* evt_vn_bank_server_acct_open */


dce_aud_start(evt_vn_bank_server_acct_open,

binding,options,outcome,&ard, &status);

if (ard) /* If events need to be logged */

dce_aud_put_ev_info(ard,info,&status);

if (ard) /* If events were logged */

dce_aud_commit(at,ard,options,format,&outcome,&status);

acct_close( ) /* second code point */


/* Uses the event number for acct_close( ), */

/* evt_vn_bank_server_acct_close */


dce_aud_start(evt_vn_bank_server_acct_close,

binding,options,outcome,&ard, &status);

if (ard) /* If events need to be logged */

dce_aud_put_ev_info(ard,info,&status);

if (ard) /* If events were logged */

dce_aud_commit(at,ard,options,format,&outcome,&status);

5. Closes the audit trail file when the server shuts down, using the dce_aud_close( ) API in the main server routine. For example:

dce_aud_close(audit_trail, &status);