*** UNIX MANUAL PAGE BROWSER ***

XIsso(8) System Manager's Manual XIsso(8) NAME XIsso - Windows interface for audit, default account parameters, and device assignments (Enhanced Security) SYNOPSIS /usr/tcb/bin/XIsso DESCRIPTION The functions performed with the XIsso program have been moved to other GUIs. The XIsso program in this release is an interface to the old /usr/tcb/bin/dxaccounts program. Support for XIsso will be discontin- ued after this release. Use the /usr/tcb/bin/dxaudit program to perform the audit functions documented in this reference page. The dxaudit program can be run in the default CDE (Common Desktop Environment) as well as the optional DECwindows environment. See the dxaudit(8X) reference page for more information. The account functions documented in this reference page are performed in CDE using the Account Manager program found under Application Man- ager --> System Management Utilities. See the Account Manager's online help for more information. If you are using the DECwindows environment, use the new /usr/bin/X11/dxaccounts program (this is actually the Account Manager) to perform the accounts functions documented in this reference page. See the dxaccounts(8X) reference page and the Account Manager's online help for more information. Use the /usr/tcb/bin/dxdevices program to perform the device functions documented in this reference page. The dxdevices program can be run in the default CDE (Common Desktop Environment) as well as the optional DECwindows environment. See the dxdevices(8X) reference page for more information. The XIsso program is a windowed interface that provides the capabilities to administer the audit, default account parameters, and device subsystems (the Information System Security Officer role functions). To use the XIsso program you need to log in as root. Audit You must start, setup, and stop auditing from the command line. See the auditd(8) and auditmask(8) reference pages for details. The func- tions supported by the main Audit menu are as follows: This screen allows the administrator to create, modify, or delete se- lection files. Selection files contain parameters that indicate how audit records are selected from the raw audit trail during report gen- eration. The selection parameters include things like time interval, audit events, and user ID. Any audit record matching the selection criteria is displayed. This screen allows the administrator to create, modify, or delete deselection files. A deselection file consists of tuples. The tuple is comprised of a host, audit ID, real UID, event, file pathname, and access mode. A deselection file can be used to fur- ther reduce audit records when generating reports. It can be used in combination with a selection file. Any audit record matching the dese- lection criteria is filtered out from the report stream. This screen allows the administrator to view an audit report. A selection file, a deselection file, and an audit log can be selected to generate a re- port. Output options include generating a report to a file, to a se- ries of files sorted by audit ID, to a window on the screen, or if au- dit is currently enabled, to follow the current activity. Report records can be in brief format or long format. If in brief format, the administrator can double click on the record and get a pop-up of the long format. Accounts The XIsso program controls the authentication subsystem. The ISSO is generally responsible for setting the system-wide default account para- meters and modifying the account parameters of all non-ISSO users. The functions supported by the main Accounts menu are as follows: Al- lows you to select a non-ISSO account and to modify the account parame- ters. These parameters override any system-wide defaults that you have specified. You can select the groups that the user can belong to, the login control parameters, the audit events, and the password parameters. Allows you to modify any user account template. Account templates can be created to specify account attributes for many user accounts. The system default template, SYS_DFLT, is always present. Devices The XIsso program provides control over the device assignment database and the terminal control database. The ISSO is generally responsible for setting the system-wide default device parameters and modifying the device and terminal parameters of all devices. The functions supported by the main Devices menu are as follows: Allows you to select a device and to create or modify the device parameters. These parameters override any system-wide defaults that you have speci- fied. Currently terminals can be added to your secure configuration. (Printers and removable devices can be added or modified with the XIsso interface, but the operating system only deals with terminals.) Allows you to specify the system-wide default device control parameters. Resources This resource specifies the maximum number of 256-kilobyte pages that are allocated by XIsso when receiving report data from the audit_tool command. Once this threshold is reached, XIsso discards the oldest data page to make room for new data. The default value is 20. This means that up to 5 megabytes of report data is accessible at any one time while viewing a report. If the Brief Report mode is selected, less data is available because XIsso stores both the brief and the full records to expand a brief for- mat into a long format. This memory is freed after each report is fin- ished, so it is not a cumulative amount. FILES Specifies the command path. Resource file. System Default database. Terminal Control database. Device Assignment database. Protected Password database. Bookreader help file. Site-specific audit events. Audit event alias specification file. Directory containing the audit selection files. Directory containing the audit deselection files. Base system audit events. RELATED INFORMATION Commands:dxaccounts(8X), dxaudit(8X), dxdevices(8X), auditd(8), aud- gen(8), audit_setup(8), audit_tool(8), auditmask(8), secsetup(8), XSysAdmin(8) Security delim off XIsso(8)